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DHS  Faces  Security, 
Leadership  Hurdles 


Private-sector  IT 
execs  see  diminished 
cybersecurity  role 

BY  DAN  VERTON 

WASHINGTON 

This  Friday  marks  the  end  of 
the  30-day  period  in  which 
the  U.S.  Department  of 
Homeland  Security  hoped  it 
would  hire  a  leader  for  its 
cybersecurity  division.  But 
there  are  serious  doubts 
about  whether  the  DHS  will 
be  able  to  hire  the  right  per¬ 
son  this  week  or  even  in  the 
foreseeable  future. 

According  to  the  former 
top  cybersecurity  adviser  to 
the  president,  a  high-level 
source  in  the  DHS  and  IT 
industry  executives,  many 
of  the  most  qualified  candi¬ 
dates  have  been  turned  off 
by  what  they  perceive  as 
the  administration’s  sur¬ 
prising  change  of  heart  on 
cybersecurity. 

“The  elimination  of  the 
presidential  position  [of  cy¬ 
bersecurity  adviser]  sent  a 
Cybersecurity,  page  12 


It’s  time  for  the  DHS  to  focus 
on  helping  IT  managers  over¬ 
come  the  security  disconnect 
between  business  and  IT, 
Patricia  Keefe  says.  Page  20 


Had  little  choice  but  to 
sign  Microsoft  deal, 
despite  security  flaws 


BY  DAN  VERTON 

The  fact  that  the  U.S.  De¬ 
partment  of  Homeland 
Security  awarded  Microsoft 
Corp.  a  $90  million  enter¬ 
prise  software  deal  two  days 
after  Bill  Gates  met  with 
DHS  Secretary  Tom  Ridge 
in  Washington  is  more  than 
sheer  coincidence. 

It’s  now  a  major  security 
headache  for  a  mammoth 
new  agency  that  security 
experts  si  lacks  the  where¬ 
withal  to  have  considered 
Microsoft  Deal,  page  12 
wmmmmMmmm:  mmm 


Latest  Vulnerability 
Includes  Windows 
Server 2003 

BY  JAIKUMAR  VIJAYAN 

Users  last  week  reacted 
with  a  mixture  of  con¬ 
cern  and  resignation  to 
the  discovery  of  a  criti¬ 
cal  flaw  in  almost  all 
versions  of  Microsoft 


Corp.’s  Windows  soft¬ 
ware,  including  the  Win 
dows  Server  2003  oper¬ 


ating  system. 

The  vulnerability  ex¬ 
ists  in  a  communication 
Windows  Flaw,  page  12 


Even  in  the  economic  doldrums,  CIOs  are  plan¬ 
ning  for  better  days.  We  asked  a  half-dozen  CIOs 
-  who  are  bursting  with  pent-up  IT  initiatives  - 
what  their  first  investments  will  be  when  the 
economy  picks  up.  Page  37 

Mitsubishi  Motor  Sales  CIO  Tony  Romero  has  used  the  lull  to  develop  a 
four-year  IT  road  map  “so  when  things  get  better,  we're  ready  to  go.” 


Rivals  of  HP  Court  Tru64  Users 


Sun  and  IBM  eager 
to  attract  HP  users 
being  forced  to  Unix 

BY  PATRICK  THIBODEAU 

The  IT  staff  at  Best  Western 
International  Inc.  last  week 
wheeled  an  Alpha  server  that 
had  run  the  venerable  Tru64 
Unix  operating  system  into 
a  conference  room.  Over  a 
chicken  parmigiana  lunch, 
they  bade  it  goodbye. 

Jerry  Skaare,  director  of  ar¬ 
chitecture  at  the  Phoenix- 
based  hotel  chain,  said  the  Al¬ 
pha  “funeral,”  as  he  called  it, 
marked  the  company’s  transi¬ 
tion  to  Hewlett-Packard  Co.’s 
HP-UX  version  of  Unix  run¬ 
ning  on  its  Superdome  server. 

Every  user  of  the  Tru64 
Unix  operating  system  and  Al¬ 
pha  chips  will  eventually  have 
to  migrate,  since  HP  is  phas¬ 


ing  them  out  in  favor  of  HP- 
UX  and  Intel  Corp.’s  Itanium 
processor.  And  the  company’s 
rivals  see  that  as  an  open  door. 

Sun  Microsystems  Inc.  last 
week  detailed  a  plan,  called 
“HP  Away,”  to  woo  HP  users 
to  its  Solaris-on-Sparc  plat¬ 
form.  Larry  Singer,  Sun’s  chief 
Tru64,  page  S3 


Sun  VHP  Away* 

Sun  has  detailed  an  incentive 

plan  for  Alpha  and  Tru64  users. 

Among  the  terms: 

■  No-risk,  two-week  assess¬ 
ment  service  for  migrating 
from  Tru64  to  Solaris. 

■  Deferred  payment  for  the  en¬ 
tire  migration,  until  comple¬ 
tion,  not  to  exceed  90  days. 

■  Financing  and  trade-in  offers. 


IT  Security  Short  on  Funding 


Building  a  case  will 
require  alternative  to 
usual  ROI  techniques 

BY  JAIKUMAR  VIJAYAN 

Inadequate  funding  remains 
the  single  largest  obstacle  to 
implementing  effective  IT  se¬ 
curity  measures  at  most  com¬ 
panies,  according  to  a  recent 
global  survey  conducted  by 


Ernst  &  Young  International. 

And  a  majority  of  the  com¬ 
panies  surveyed  said  they 
rarely  or  never  calculate  re¬ 
turn  on  investment  when 
building  a  case  for  informa¬ 
tion  security  budgets. 

“Return  on  investment  ap¬ 
pears  to  have  fallen  out  of  fa¬ 
vor  as  a  measure  of  the  effec¬ 
tiveness  of  information  securi¬ 
n'  Security,  page  53 


IBM  Total  Storage™ 

; 


IBM  TolalSIorage  Virtualization  Family  consists  ol  the  SAN  Integtation  Server  and  tfie  SAN  Volume  Controller  IBM.  the  IBM  logo  and  TotalStorage  are  trademarks  of  International 
Business  Machines  Corporation.  Other  company,  product  and  service  names  may  be  trademarks  or  service  marks  of  others.  ©2003  IBM  Corporation.  All  rights  reserved. 


The  human  body  has  an  amazing  capacity  to  adapt  to  shifting 
demands.  So  do  IBM  TotalStorage  products. The  IBM  TotalStorage 
Virtualization  Family  manages  your  individual  storage  resources 
as  one  common  virtual  pool.  It  can  then  allocate  storage  to  your 
servers,  helping  to  improve  availability  and  utilization.  On  demand. 
Helping  to  lower  your  costs. 

TotalStorage:  storage  for  on  demand  business. 

Can  you  see  it?  See  it  at  ibm.com/totalstorage/ondemand 
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SAS®  is  ail  you  n 


Only  SAS  provides  you  with  a  complete  view  of  your 
customers.  So  you’ll  understand  their  needs,  enhance 
their  lifetime  value  and  achieve  greater  competitive 
advantage.  To  find  out  how  leading  companies  are 
reaping  the  rewards  of  SAS  customer  intelligence 
software,  call  1  866  270  5723  or  visit  our  Web  site. 


www.sas.com/customer 


The  Tower  to  Know, 


EMERGING  TECHNOLOGIES 

I/O  Moves  Into  the  Express  Lane 

In  the  Technology  section:  PCI  Express  stands  ready 
to  open  Peripheral  Component  Interconnect  bus 
bottlenecks,  but  most  users  don’t  yet  have  a  need 
for  the  technology.  Page  23 
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Open  for  Inspection 

In  the  Management  section:  Thanks  to  the  new 

Web  site  of  New  York’s  Department  of  Buildings, 
architects  and  engineers  no  longer  have  to  wait 
hours  in  line  to  get  crucial  information  to  work  on 
the  city's  900,000  buildings.  Page  39 
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6  Consolidation  projects  are 

boosting  demand  for  high-end 
products  in  the  sluggish  serv¬ 
er  market. 

6  Senate  votes  to  kill  funding 

for  TIA,  the  antiterrorism 
data-mining  program. 

7  Project  management  offices 

are  too  bogged  down  by  ad¬ 
ministrative  tasks  to  do  their 
job  effectively. 

7  EMC  introduces  a  remote 
storage  metering  device. 

8  P2P  file  sharing  on  corporate 
networks  is  becoming  more 
widespread  than  many  com¬ 
panies  realize. 


9  CA  claims  its  Sonar  technol¬ 
ogy  will  allow  IT  managers  to 
more  efficiently  exploit  exist¬ 
ing  resources. 

9  IBM  and  Cisco  sign  a  deal  to 
install  8,000  multiprotocol 
switches  at  AXA  Group. 

13  Corporations  still  appear  to 
be  unwilling  to  make  the  orga¬ 
nizational  changes  necessary 
to  improve  security. 

14  Amerisure  Insurance  uses 
Compuware  tools  to  test  a 
multimillion-dollar  insurance 
policy  processing  system. 

14  Videoconferencing  vendors 

try  to  rekindle  the  market 
with  new  products. 

16  Q&A:  Lotus  1-2-3  creator 

Mitch  Kapor  discusses  Lin¬ 
ux’s  impact  on  corporate 
computing. 


30  Case  Study:  Boehringer  Cures 
Slow  Reporting.  The  pharma¬ 
ceutical  company  turns  to  an 
SAP/Cognos  system  to  speed 
its  financial  reports. 

31  Plugging  Storage  Security 
Holes.  Users  and  experts  give 
advice  on  how  to  secure  SAN 
and  NAS  systems. 

32  Future  Watch:  TV  for  the  21st 
Century.  Public  Broadcasting 
Service  is  adopting  supply 
chain  concepts  and  open  IT 
standards,  promising  to  fun¬ 
damentally  change  TV  broad¬ 
casting. 

34  Security  Manager’s  Journal: 
Arrogance  Undermines  Best 
Antivirus  Defense.  Inatten¬ 
tion  and  complacency  allow 
Vince  Tuesday’s  layered  an¬ 
tivirus  defense  to  atrophy  — 
and  a  virus  gets  through  the 
corporate  defenses. 
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37  Ready,  Set .  .  .  Here’s  a  look 
at  types  of  projects  that  CIOs 
will  spend  their  IT  dollars  on 
when  the  economy  improves. 

40  Thrift  Thrives  on  Low  Tech. 

Washington  Federal  Savings 
and  Loan  is  doing  just  fine 
with  its  typewriters  and  low- 
tech  approach. 

42  Q&A:  Don’t  Kid  Yourself.  IT 

managers  need  to  be  more  re¬ 
alistic  about  project  planning, 
says  Dan  Lovallo,  who  wrote 
an  article  about  the  subject  in 
this  month’s  Harvard  Business 
Review. 


8  On  the  Mark:  Mark  Hall  says 
spam  has  outfoxed  the  simple 
solutions,  so  vendors  are  of¬ 
fering  more  complex  tools  to 
weed  out  unwanted  e-mail. 

20  Patricia  Keefe  wants  the  De¬ 
partment  of  Homeland  Securi¬ 
ty  to  spend  less  time  babbling 
about  its  “business  approach” 
to  fighting  terrorism  and 
more  time  educating  CEOs 
about  the  IT  security  crisis. 

20  Pimm  Fox  notes  that  efforts  to 
defend  our  nation’s  infra¬ 
structure  will  help  drive  the 
digital  economy. 

21  Greg  Papadopoulos,  Sun’s 
CTO,  predicts  that  something 
called  “bitmass”  will  change 
the  texture  of  our  world. 

36  Nicholas  Petreley  says  CPU 
standards  are  needed  to  maxi¬ 
mize  computing  performance. 

44  Bart  Perkins  points  out  that 
Oracle’s  hostile  bid  for  People- 
Soft  underscores  the  need  for 
CIOs  to  protect  their  own  in¬ 
terests  in  software  contracts. 

54  Frankly  Speaking:  Frank 
Hayes  says  CEOs  who  used 
to  clip  IT  ideas  from  business 
publications  are  smarter  now 
—  and  IT  managers  should 
be  smarter  about  how  they 
respond  to  their  ideas. 
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How  to  Take  the 
Offense  on  Identity  Theft 

SECURITY:  Jeff  Drake,  director  of  security 
strategy  at  Tivoli  Software,  offers  practical 
advice  on  how  organizations  can  keep  em¬ 
ployee  and  customer  data  safe  from  mali¬ 
cious  hackers.  ©  QuickLink  39094 

Inside  the  Hacker’s 
Toolbox,  Part  2 

MOBILE/WIRELESS:  This  week’s  installment 
from  AirDefense’s  Brian  Moran  looks  at 
hacker  tools  and  what  they  can  do  to  your 
wireless  LAN.  ©  QuickLink  39930 

Using  Web  Analytics 

WEB  SITE  MANAGEMENT:  Find  out  how  (and 
how  not)  to  measure  the  success  of  your  Web 
site  investment.  ©  QuickLink  39648 

Museum’s  SAN  Takes 
On  a  Mammoth  Task 

STORAGE:  A  14.4TB  SAN  at  the  American 
Museum  of  Natural  History  provides  backup 
and  data  management  for  32  million  objects 
and  the  work  of 200  scientists. 

©  QuickLink  39870 

Wireless  West  Point 

MOBILE/WIRELESS:  Col.  Donald  J.  Welch  ex¬ 
plains  the  choices  West  Point  made  as  it  built 
its  high-bandwidth,  high-traffic  wireless 

LAN.  ©  QuickLink  39967 


What’s  a  QuickLink? 

O  On  some  pages  in 
this  issue,  you'll  see 
a  QuickLink  code  pointing 
to  additional,  related  con¬ 
tent  on  our  Web  site.  Just 
enter  that  code  into  our 
QuickLink  box.  which 
you’ll  see  at  the  top  of 
each  page  on  oui  site. 
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PeopieSoft  Closes 
J.D.  Edwards  Deal 

PeopieSoft  Inc.  on  July  18  an¬ 
nounced  the  completion  of  its 
buyout  of  business  applications 
rival  J.D.  Edwards  &  Co.,  having 
acquired  110  million  shares,  or 
88%,  of  J.D.  Edwards’  stock. 
Separately,  Oracle  Corp.,  which 
has  made  a  hostile  bid  for  People- 
Soft,  confirmed  that  its  chief  mar¬ 
keting  officer,  Mark  Jarvis,  re¬ 
signed.  For  full  coverage,  go  to 
QuickLink  a3320  on  our  Web  site. 


Orbitz:  Oracle  to 
Blame  for  Outage 

Orbitz  LLC,  the  airline-owned 
travel  Web  site,  said  an  outage  on 
July  16  was  related  to  an  Oracle 
database.  Orbitz  spokeswoman 
Carol  Jouzaitis  said  it  was  the 
most  severe  outage  to  hit  the  site 
since  it  was  launched  about  two 
years  ago.  Jouzaitis  said  that  as  a 
result,  Orbitz  is  no  longer  using 
Oracle’s  9i  Real  Application  Clus¬ 
ters  database  software.  An  Oracle 
spokeswoman  stressed  that  the 
company  worked  closely  with  Or¬ 
bitz  to  fix  the  problem  and  that  no 
customer  data  was  compromised. 


Holes  Discovered 
In  Cisco  System 

Security  experts  warned  July  18 
that  ready-made  code  that  ex¬ 
ploits  a  recently  announced  Cisco 
Systems  Inc.  Internetworking  Op¬ 
erating  System  (IOS)  vulnerability 
is  circulating,  and  that  attacks  us¬ 
ing  the  exploit  are  taking  place. 
Cisco  had  warned  on  July  16  of  a 
serious,  widespread  flaw  in  IOS 
that  could  make  devices  using  the 
operating  system  vulnerable  to 
denial-of-service  attacks. 


Short  Takes 

COGNOS  INC.  this  week  plans  to 
announce  the  Cognos  Metrics 
Manager  Version  2.  It  will  ship  in 
mid-August,  priced  at  $650  per 
seat. . . .  DELL  COMPUTER  CORP. 
shareholders  voted  to  change  the 
company’s  name  to  Dell  Inc. 


Consolidation  Projects 
Elevate  Server  Market 


Demand  for  high-end  products  offers  a 
glimmer  of  hope  as  sales  stagnate 


Worldwide 
Server  Revenue 


BY  PATRICK  THIBODEAU 

NEW  YORK 

he  server  consoli¬ 
dation  path  led  Dale 
Pickford,  chief  infra¬ 
structure  officer  at 
Ocwen  Technology  Xchange 
Inc.,  to  the  high  end  of  the 
server  market.  He  replaced  140 
servers,  each  of  which  housed 
12-way  processors  at  most, 
with  two  Sun  Microsystems 
Inc.  servers,  one  running  78 
processors  and  the  other  run¬ 
ning  107. 

That  move  allowed  Ocwen, 
the  technology  subsidiary  of 
financial  services  company 
Ocwen  Financial  Corp.  in 
West  Palm  Beach,  Fla.,  to  cen¬ 
tralize  IT  management.  “High- 
end  servers  give  you  the 
means  to  accomplish  that,” 
said  Pickford,  an  attendee  at  a 
Sun  server  consolidation  fo¬ 
rum  here  last  week. 

Sun  officials  said  they’re 
seeing  strong  demand  for 
high-end  servers,  and  it’s  a 
customer  trend  that  the  com¬ 
pany  wants  to  exploit.  Sun  will 
announce  its  fourth-quarter 
earnings  tomorrow.  Its  rev¬ 
enue  for  the  third  quarter, 
which  ended  March  30,  was 
$2.79  billion,  down  10.2%  from 
the  same  quarter  last  year. 

Sales  Slump 

Worldwide  server  sales  have 
been  battered  by  the  econom¬ 
ic  downturn,  according  to 
market  research  firm  IDC  in 
Framingham,  Mass.  Revenue 
declined  nearly  12%  last  year 
to  $49.3  billion  and  will  re¬ 
main  flat  this  year.  Data  center 
consolidation  is  helping  the 
sale  of  high-end  servers,  say 
analysts  and  vendors.  Despite 
the  overall  decline  in  server 
sales,  revenue  from  these 
large,  predominantly  Unix- 
based  servers  costing  between 
$500,000  and  $1  million  re¬ 
mained  flat  at  $3.37  billion.  It 


isn’t  expected  to  change  much 
this  year. 

Another  relatively  active 
market  is  for  servers  that  cost 
under  $10,000  and  may  be 
used  as  a  clustering  alternative 
to  large  systems.  Revenue  has 
also  been  flat  in  that  market,  at 
$14.4  billion  in  each  of  the  past 
two  years.  But  IDC  sees  it  in¬ 
creasing  by  more  than  10% 
this  year  to  $15.9  billion. 

Bill  Claybrook,  an  analyst  at 
Aberdeen  Group  Inc.  in  Bos¬ 
ton,  said  the  high-end  market 
will  deteriorate  as  clusters,  es¬ 
pecially  those  running  Linux, 
become  more  mature. 

But  for  some  corporate  IT 
managers  consolidating  opera- 


BY  DAN  VERTON 

WASHINGTON 

The  Senate  last  week  voted  to 
wipe  out  funding  for  a  Penta¬ 
gon  data  mining  program  that 
the  White  House  says  is  a  crit¬ 
ical  weapon  needed  for  the 
war  on  terrorism. 

Sen.  Ted  Stevens  (R-Alaska) 
introduced  an  amendment  to 
the  Defense  Appropriations 
Bill  on  July  14  that  would  ef¬ 
fectively  eliminate  funding  for 
the  Terrorism  Information 
Awareness  (TIA)  program  be¬ 
ing  developed  by  the  Defense 
Advanced  Research  Projects 
Agency  (DARPA).  The  Senate 
passed  the  bill  unanimously 
with  the  amendment  intact. 

Since  its  inception,  TIA 
(formerly  known  as  the  Total 
Information  Awareness  pro¬ 
gram)  has  drawn  criticism 
from  privacy  rights  advocates 
who  fear  it  would  allow  au¬ 
thorities  to  rifle  through  the 
electronic  transactions  of  mil¬ 
lions  of  law-abiding  U.S.  citi- 
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SOURCE:  IDC.  FRAMINGHAM.  MASS. 

tions,  such  as  Andy  Miller,  vice 
president  of  technical  architec¬ 
ture  at  Corporate  Express  Inc. 
in  Broomfield,  Colo.,  clusters 
aren’t  ready.  They  require  “too 
many  interesting  software  ele¬ 
ments”  to  effectively  manage 
them,  Miller  said. 

“Certainly  the  idea  that  you 
can  manage  a  cluster  as  one 


zens  in  an  effort  to  uncover 
the  activities  of  suspected  ter¬ 
rorists.  That  fear  stems  from 
the  program’s  intent  to  rely  on 
a  mix  of  government,  intelli¬ 
gence  and  commercial  data¬ 
bases  to  mine  electronic  trans¬ 
actions,  such  as  airline-ticket 
purchases  and  car  rentals,  for 
indications  of  potential  terror¬ 
ist  activity. 

‘Synthetic  Data’  Only 

TIA  development  and  testing 
has  been  under  way  for  sever¬ 
al  months  at  the  Army’s  Intel¬ 
ligence  and  Security  Com¬ 
mand  at  Fort  Belvoir,  Va.  Pro¬ 
gram  officials  at  DARPA 
maintain  that  the  testing  proc¬ 
ess  relies  on  synthetic  data 
and  that  the  final  system 
would  focus  not  on  collection 
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The  U.S.  government’s  CIO  says  he  can 
save  $3  billion  in  IT  costs  over  five  years: 
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box  really  isn’t  there  yet,”  said 
Miller,  who  has  moved  part  of 
his  operations  to  high-end  Sun 
servers. 

IBM’s  continuing  faith  in 
the  high  end  was  demonstrat¬ 
ed  by  the  recent  launch  of  its 
z990  mainframe  system,  code- 
named  T-Rex. 

“Customers  are  seeing  value 
in  consolidating  to  high-end 
products,”  said  Michael  Bliss, 
IBM’s  program  director  for  sys¬ 
tems  consolidation  marketing. 

IBM  last  week  said  revenue 
in  its  most  recent  quarter  rose 
to  $21.6  billion,  a  10%  increase 
over  the  same  period  last  year. 
While  the  company  attributed 
the  strong  showing  largely  to 
software  and  services  rather 
than  hardware,  it  said  its  Intel 
and  Unix  server  sales  grew 
23%  and  20%,  respectively.  I 


VIRTUALLY  DOUBLED 

VMware’s  virtualization  software  will  now 
support  larger  applications  that  need  to  run 
on  two  CPUs: 
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but  on  analysis  of  “legally  ob¬ 
tained”  data.  Furthermore, 
data  would  first  be  made 
anonymous  before  intelligent 
software  agents,  not  human 
beings,  could  conduct  analy¬ 
sis,  according  to  program 
documents  obtained  by 
Computerworld. 

The  House  version  of  the 
bill,  passed  earlier  this  month, 
imposed  advance  notification 
and  authorization  require¬ 
ments  on  the  program  before 
funding  could  be  used  to  de¬ 
ploy  any  part  of  the  system. 
The  program’s  fate  will  be  de¬ 
termined  by  a  joint  House- 
Senate  conference  session. 

“From  an  intelligence  policy 
point  of  view,  something  like 
TIA  could  help  to  break  down 
the  arbitrary  barriers  to  infor¬ 
mation-sharing  that  have  long 
existed  among  government 
agencies,”  said  Steven  After- 
good,  director  of  the  Project 
on  Government  Secrecy  at  the 
Federation  of  American  Scien¬ 
tists  in  Washington.  “But 
DARPA  was  slow  to  address 
the  privacy  concerns  raised  by 
the  program.  Now  they  are 
paying  the  price.”  I 
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Value  of  Project  Management  Offices  Questioned 


Study  finds  focus  on  process,  not 
progress,  means  36%  of  IT  projects  ‘fail’ 


BY  THOMAS  HOFFMAN 

Most  companies  have  estab¬ 
lished  project  management 
offices  (PMO)  to  help  them 
enforce  standard  IT  processes 
during  IT/business  projects, 
according  to  a  recently  re¬ 
leased  report  by  Forrester 


Research  Inc.  But  many  PMOs 
continue  to  spend  too  much 
time  compiling  reports  for 
senior  management  and  not 
enough  time  ensuring  that 
projects  are  delivered  on  time 
and  within  scope. 

That  could  explain  why  the 


report  found  that  nearly  one- 
fifth  of  all  new  IT  projects  are 
completed  three  or  more 
months  late. 

“It’s  no  surprise  that  the 
presence  of  a  PMO  didn’t  have 
much  effect  on  project  failure 
rates,”  said  Tom  Pohlmann,  an 
analyst  at  Cambridge,  Mass.- 
based  Forrester  and  author  of 
the  report  “How  Companies 
Govern  Their  IT  Spending,” 


EMC  Introduces 
‘Metered’  Storage 


More  users  will 
have  access  to  pay- 
as-you-go  model 

BY  LUCAS  MEARIAN 

EMC  Corp.  last  week  intro¬ 
duced  a  remote  storage  meter¬ 
ing  device  that’s  designed  to 
allow  its  biggest  customers  to 
install  standby  storage  and 
network  bandwidth  capacity 
and  pay  only  for  what  they  use. 

EMC  said  its  OpenScale 
Automated  Billing  appliance 
is  being  offered  as  part  of  its 
OpenScale  storage  asset  and 
financial  management  pro¬ 
gram.  First  introduced  in  1999, 
the  OpenScale  program  has 
been  limited  to  50  to  100  EMC 
customers  because  its  manual 
reporting  process  required 
field  engineers  to  visit  cus¬ 
tomer  sites  to  determine  how 
much  storage  was  being  used. 

With  the  metering  device, 
the  OpenScale  program  now 
includes  a  server  with  soft¬ 
ware  installed  on-site  to  de- 

They  want  to 
sell  you  a  new 
frame  and  fully  pop¬ 
ulate  it  so  that  you 
pay  for  it  as  you  use 
it.  To  me,  that’s  a 
great  model. 

JIM  HULL.  VICE  PRESIDENT. 
MASTERCARD  INTERNATIONAL 


EMC’s  OpenScale 
Automated  Billing 
Program 

Storage  is  metered  via  a  remote 
server  over  a  Web  portal 

No  charge  for  standby  storage 

Storage  price  declines  are  factored 
in  when  standby  storage  is  used 

Designed  for  customers  with 
50TB  or  more  of  storage 


tect  and  monitor  every  storage 
device  and  application  being 
run  on  a  storage-area  network 
(SAN),  including  capacity, 
switch  ports  and  storage  soft¬ 
ware  licenses.  InfoLease,  the 
application  that  runs  on  the 

EMC-provided  _ 

server,  monitors 
storage  activity 
and  automatically 
sends  usage  re¬ 
ports  to  EMC  via  a 
Web  portal. 


MORE  ONLINE 

Read  more  at  our  Storage 
Knowledge  Center: 

©  QuickLink  k1700 
www.computerworld.com 


MasterCard  International 
Inc.  in  Purchase,  N.Y.,  man¬ 
ages  about  300TB  of  EMC- 
based  SAN  storage  and  50TB 
of  direct-attached  storage 
from  Sun  Microsystems  Inc., 
said  Jim  Hull,  vice  president  of 
computer  network  services. 

Hull  said  several  vendors, 
including  IBM  and  Sun,  are 
offering  different  types  of  on- 
demand  capacity.  For  instance, 
MasterCard  utilizes  IBM’s  on- 
demand  mainframe  capacity 
model.  Hull  said  he’s  interest¬ 


ed  in  EMC’s  program  because 
a  customer  pays  only  for  what 
it  uses.  “They  want  to  sell  you 
a  new  frame  and  fully  popu¬ 
late  it  so  that  you  pay  for  it  as 
you  use  it.  To  me,  that’s  a  great 
model,”  said  Hull.  EMC  said  it 
won’t  be  charging  any  fees  for 
standby  capacity. 

Bill  Raftery,  vice  president 
of  global  financial  services  at 
EMC  in  Hopkinton,  Mass., 
said  the  vendor’s  largest  cus¬ 
tomers  complain  that  current 
approaches  to  procuring  and 
deploying  additional  storage 
are  too  complex  and  expen¬ 
sive.  To  buy  extra  storage, 
more  than  a  dozen  people  are 
often  needed  to  sign  off  on  or¬ 
der  forms  at  customer  compa¬ 
nies.  The  process  can  take 
anywhere  from  six  to  nine 
months  to  complete  and  cost 
millions  of  dollars. 

EMC  said  OpenScale  pro¬ 
vides  automated  billing  for  its 
Symmetrix,  Clariion  and  Cel- 
erra  storage  arrays,  as  well  as 

_  its  Connectrix 

switches  and  Time- 
Finder  and  Sym¬ 
metrix  Remote 
Data  Facility  soft¬ 
ware.  Raftery  said 
EMC  is  targeting 
“hundreds”  of  customers  who 
run  50TB  of  storage  or  more 
for  the  metered  service. 

Tony  Prigmore,  an  analyst  at 
The  Enterprise  Storage  Group 
Inc.  in  Milford,  Mass.,  said 
EMC’s  metering  system  repre¬ 
sents  an  early  version  of  utility 
computing.  “I  don’t  know  that 
EMC’s  approach  works  for 
everyone  in  the  market,  but 
it’s  an  important  step  for  a 
certain  type  of  client . . .  seri¬ 
ous  consumers  of  storage,” 
Prigmore  said,  k 


published  June  30.  The  study 
is  based  on  telephone  inter¬ 
views  with  704  North  Ameri¬ 
can  IT  decision-makers  be¬ 
tween  late  April  and  June. 

Sixty-seven  percent  of  the 
respondents  said  their  organi¬ 
zations  have  one  or  more 
PMOs  —  either  inside  or  out¬ 
side  of  the  IT  department. 
That’s  up  from  53%  last  year. 

The  problem,  Pohlmann 
said,  is  that  too  many  PMOs 
serve  as  “process  cops  and  re¬ 
port  compilers”  for  executive 
teams  and  often  “lose  sight  of 
what  they’re  supposed  to  be 
doing  —  to  make  sure  projects 
are  running  effectively.” 

Dan  Garrow,  senior  vice 
president  of  information  sys¬ 
tems  and  CIO  at  Mohegan  Sun 
casino,  agreed  with  the  re¬ 
port’s  findings.  “We  have  a 
PMO,  which  has  frequently 
been  referred  to  as  the  ‘PMO 
police,’  ”  he  said. 

The  IT  department  at  the 
Uncasville,  Conn.-based  hotel 
and  casino  is  “working  hard  to 
overcome  that  perception,”  in 
part  by  trying  to  enlist  senior 
management  support  of  PMO 
concepts,  Garrow  said. 

In  addition,  IT  departments 
have  to  be  more  rigid  about 
which  projects  they’re  willing 
to  take  on,  he  said.  “IS  depart¬ 
ments  are  so  ingrained  with 
the  idea  of  being  a  service  or¬ 
ganization  that  to  say  no  to  a 
customer  is  almost  taboo,” 
said  Garrow.  He  advocated 
calling  on  executive  manage¬ 
ment  “to  assist  and,  in  many 
cases,  say  no  on  behalf  of  the 
IS  function  so  they  can  main¬ 
tain  the  customer  relationship 
with  user  departments.” 

For  this  study,  Forrester 
classified  a  project  as  a  “fail- 


M[PM0s]  lose 
sight  of  what 
they’re  supposed  to 
be  doing  -  to  make 
sure  projects  are 
running  effectively. 


TOM  POHLMANN,  ANALYST, 
FORRESTER  RESEARCH 


How  effective  would 
you  rate  your  PM0(s)  at 
improving  project  delivery 


in  your  organization? 

Chemicals  and  energy 


Manufacturing 


18%  55%  27% 


Technology  and  telecom 


16%  67%  16% 


Finance  and  insurance 


Distribution 


14%  56%  31% 


Services 


12%  66%  22% 


■  Very  effective 

■  Reasonably  effective 

■  Ineffective 


PERCENTAGES  ARE  ROUNDED. 

Base:  704  North  American  IT  decision¬ 
makers  from  a  telephone  survey  that  was 
conducted  from  late  April  to  June. 

SOURCE:  FORRESTER  RESEARCH  INC  . 
CAMBRIDGE,  MASS..  JUNE  2003 


ure”  if  it  was  delivered  one  to 
three  months  late  and  affected 
at  least  3,000  end  users.  Ac¬ 
cording  to  survey  respon¬ 
dents,  19%  of  their  application 
initiatives  were  delivered  at 
least  three  months  late,  and 
another  17%  were  one  to  three 
months  overdue. 

For  his  part,  Pohlmann  said 
he  doesn’t  expect  any  dramat¬ 
ic  improvements  in  IT  project 
delivery  rates,  because  of  IT 
management  apathy.  “I  think 
there  is  improvement  that  can 
be  achieved,  but  not  from  a 
project  management  method¬ 
ology  standpoint,  because 
those  have  been  around  for 
years,”  said  Pohlmann.  In¬ 
stead,  he  said,  business  units 
have  to  be  much  more  in¬ 
volved  with  IT  departments 
on  a  project’s  requirements 
throughout  its  entire  life  cycle. 

Don  Christian,  a  partner  at 
New  York-based  Pricewater- 
houseCoopers,  said  he  be¬ 
lieves  Forrester’s  decision  to 
use  a  one-to-three-month 
project  delay  as  part  of  the  cri¬ 
teria  is  too  harsh.  “Our  experi¬ 
ences  have  found  that  one-to- 
three-month  delays  on  proj¬ 
ects  might  be  palatable  if  they 
end  up  meeting  their  original 
business  benefits,”  he  said.  I 
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HP  Storage  VP 
Moves  to  EMC 

Hewlett-Packard  Co.  confirmed 
last  week  that  Mark  Sorenson, 
vice  president  of  its  storage  soft¬ 
ware  division,  left  earlier  this 
month  to  accept  a  position  in 
EMC  Corp.’s  Open  Software 
Division  alongside  former  HP 
colleague  Mark  Lewis.  Lewis 
became  EMC’s  chief  technology 
officer  about  a  year  ago  and  now 
heads  EMC’s  Open  Software  di¬ 
vision.  Frank  Harbist,  formerly 
vice  president  and  general  man¬ 
ager  of  HP’s  Nearline  Storage 
Division,  will  replace  Sorenson. 


Sybase  Broadens 
Support  for  Linux 

Sybase  Inc.  last  week  launched 
a  Linux  Competency  Center  in 
New  York  and  said  it  plans  to 
port  all  of  its  software  to  Linux 
by  next  year.  Dublin,  Calif.-based 
Sybase  already  offers  its  Adap¬ 
tive  Server  Enterprise  relational 
database  and  several  other  prod¬ 
ucts  on  Linux.  Products  yet  to  be 
ported  include  the  Sybase  IQ  an¬ 
alytical  database  and  the  Sybase 
Integration  Suite. 


Adobe  Announces 
Form  Design  Tool 

Adobe  Systems  Inc.  last  week 
announced  XML/PDF  Form  De¬ 
signer,  which  will  enable  users 
to  create  electronic  forms  that 
process  data  using  Adobe  Acro¬ 
bat  software  or  XML  Data  Pack¬ 
age.  San  Jose-based  Adobe  said 
the  graphical  tool,  to  be  available 
early  next  year,  will  allow  com¬ 
panies  to  include  XML  schemas 
when  creating  forms. 


Short  Takes 

PEOPLESOFT  INC.  and  AMERICA 
ONLINE  INC.  signed  a  deal  to  in¬ 
tegrate  AOL’s  Instant  Messenger 
software  into  PeopleSoft  appli¬ 
cations.  . . .  ACCENTURE  LTD. 
said  it  exceeded  net  revenue  and 
earnings  expectations  for  its 
third  quarter. 
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MARK  HALL  ■  ON  THE  MARK 

Elaborate  Spam  Defenses 
Complicate  IT . . . 

. . .  infrastructure  but  may  be  the  only  way  to  weed  out  the  tiresome, 
resource-robbing  e-mails  from  smarmy  marketers,  tedious  pornogra- 
phers  and  former  Nigerian  officials  seeking  your  bank  account  num¬ 
ber  since  their  weapons  of  mass  destruction  scams  have  been  uncovered. 
That’s  the  message  from  vendors  who  are  rolling  out  multitiered  prod¬ 
ucts  to  defeat  spammers’  missives  before  they  reach  corporate  desk¬ 
tops.  One  of  those  vendors  is  Webwasher  AG,  which  next  week  will 


spin  off  SpamEquater  Prime  from  its  in¬ 
tegrated  Content  Security  Management 
Suite.  CEOs  can  easily  see  how  spam 
hurts  a  company’s  productivity  since 
they,  too,  are  victims,  says  Webwasher 
Vice  President  Frances  Schlosstein.  She 
claims  that  as  much  as  half  of  all  e-mail 
coming  into  some  companies  is  spam, 
with  the  result  being  high-level  executives 
storming  into  IT’s  offices  and  demanding 
immediate  fixes.  That  makes  it  easier  to 
sell  spam-specific  products  rather  than 
more  strategic,  integrated 
security  packages,  which 
cost  more.  “Spam  has  the 
CEO’s  attention  now,” 

Schlosstein  says.  Spam¬ 
Equater  Prime  employs  a 
“method  mix”  to  rid  your 
network  of  spam,  includ¬ 
ing  using  proprietary 
header  and  body  text 
rules  to  ferret  out  un¬ 
wanted  messages,  she 
says.  Bart-Jan  Schumann, 
general  manager  for  ser¬ 
vice  and  support  at  Web- 
washer’s  headquarters  in 
Paderborn,  Germany, 
adds  that  it’s  vital  to  bal¬ 


ance  spam  blocking  with  the  need  to 
eliminate  false  positives.  “You  don’t  want 
to  lose  a  key  sales  contract  in  e-mail  be¬ 
cause  some  software  blocked  it,”  he  says. 
That’s  why  administrators  are  able  to 
employ  two  levels  of  confinement  for 
suspect  messages,  with  SpamEquater 
Prime  on  a  central  server,  the  end  user’s 
desktop,  or  both.  ■  Believe  it  or  not,  it’s 
been  only  during  “the  last  180  days  that 
there’s  been  a  tremendous  uptick  in  the 
volume  of  spam,”  says  David  Staas,  direc¬ 
tor  of  market  develop¬ 
ment  at  Redwood  City, 
Calif. -based  Openwave 
Systems  Inc.  That  spam 
avalanche  is  making 
Openwave’s  three-tiered 
approach  to  fighting 
spam  with  its  Mx  6  prod¬ 
uct  attractive.  “It’s  no 
longer  sufficient  to 
delete  it  to  get  rid  of  it,” 
Staas  argues.  “You  need  a 
long-term  strategy  be¬ 
cause  spammers  inno¬ 
vate  constantly.”  He 
points  out  that  the  life  of 
a  spammer’s  IP  address  is 
“about  20  minutes,”  mak¬ 


ing  it  almost  useless  to  rely  on  tools  that 
depend  on  blocking  offending  IP  sources. 
The  first  tier  of  Mx  6’s  defense  system, 
which  is  deployed  on  powerful  Unix 
servers  on  the  edge  of  the  network,  elimi¬ 
nates  most  spam.  Additional  screening 
applications  on  another  layer  of  servers 
process  the  remaining  messages,  and 
desktop  tools  clean  up  the  dregs.  Open- 
wave  is  mulling  using  Linux  as  a  server 
for  an  upcoming  release  because  it  can 
help  keep  end-user  costs  down.  The  next 
spam  battleground,  says  Staas,  will  be 
mobile  devices.  That’s  because  by  2004, 
if  will  be  possible  to  send  SMS  messages  to 
countless  handhelds  from  a  single  PC, 
eliminating  the  cost  of  sending  such  mes¬ 
sages  from  another  mobile  device.  Some¬ 
where,  that’s  called  progress.  ■  All  that 
spam  is  probably  hogging  loads  of  stor¬ 
age  on  your  storage-area  network,  forc¬ 
ing  you  to  reconfigure  it  constantly.  And 
for  most  sites,  that  means  rebooting  your 
server.  Well,  that  hassle  is  over,  so  long  as 
you  are  using  Solaris  servers  and  Fibre 
Channel  host  bus  adapters  (HBA)  from 
JNI  Corp.  in  San  Diego.  Starting  today, 
users  of  JNI’s  Version  5.3  of  its  Solaris 
drivers  with  the  company’s  FCX-6562 
HBAs  won’t  need  to  reboot  their  servers  after 
everyday  tasks  such  as  driver  updates  and 
logical  unit  number  reconfiguration.  The 
upgrade  is  free  for  existing  users.  ■  Intel 
Corp.  celebrated  its  35th  birthday  last  Fri¬ 
day  by  using  history  to  look  into  the  fu¬ 
ture  fast  coming  upon  us.  For  example, 
the  company  pointed  out  that  it  took  29 
years  to  advance  from  108  KHz  on  the 
company’s  4004  microprocessor  to  1  GHz 
on  the  Pentium  III,  but  only  18  months  to 
jump  to  2  GHz  on  the  P4.  Intel’s  senior  vice 
president  for  servers,  Mike  Fister,  a  19- 
year  veteran  with  the  company,  claims 
that  today’s  server  performance  will  leap 
tenfold  by  2008  and  have  even  more  ad¬ 
vanced  self-management  features.  But  will 
they  stop  spam?  I 


Managed  SOAP 


t  45- 


Actional  Corp.  in  Mountain 
View,  Calif.,  tomorrow  will 
release  the  latest  version  of 
its  Web  services  manage¬ 
ment  software,  SOAPstation 
4.1.  The  upgrade  adds  tools 
so  developers  can  better  au¬ 
tomate  management  policy 
changes  into  development 
processes.  Version  4.1  also 
boosts  its  fault  tolerance  with 
new  clustering  capabilities. 
Pricing  starts  at  850,000. 


Peer-to-Peer  File-Sharing  Threat  Spreads 


BY  TODD  R.  WEISS 

Unauthorized  peer-to-peer 
file  sharing  on  corporate  net¬ 
works  appears  to  be  far  more 
widespread  than  many  compa¬ 
nies  realize. 

In  a  study  of  P2P  file  shar¬ 
ing  at  560  companies,  Ottawa- 
based  AssetMetrix  Research 
Labs  found  that  employees  at 
77.1%  of  those  companies  en¬ 
gaged  in  Web-based  file  shar¬ 
ing  during  the  past  14  months. 
Some  businesses  had  P2P  pro¬ 
grams  on  as  many  as  58%  of 


their  PCs,  according  to  the 
study,  which  was  released  last 
week.  About  1  in  25  employees 
were  found  to  be  using  the 
P2P  applications. 

Aside  from  resource¬ 
sapping  and  security  issues 
stemming  from  unauthorized 
downloads,  corporations 
could  find  themselves  legally 
liable  for  copyright  infringe¬ 
ment,  legal  experts  said. 

AssetMetrix  posted  its  P2P- 
Tracker  analysis  program  on 
its  Web  site  [QuickLink  a3500] 


to  allow  companies  to  check 
their  networks  for  unautho¬ 
rized  P2P  applications.  It 
can  be  downloaded  for  free 
through  Aug.  31. 

Paul  Bodnoff,  president 
and  chief  operating  officer  of 
AssetMetrix,  said  his  hosted  IT 
asset  management  services 
business  added  the  P2P  detec¬ 
tion  service  to  address  escalat¬ 
ing  legal  liability  threats.  The 
software  will  identify  instances 
of  P2P  clients,  but  companies 
have  to  pay  for  additional 


analysis.  The  cost  of  a  60-day 
monitoring  subscription  is  $5 
per  desktop,  or  $16  per  desktop 
for  an  annual  contract. 

Some  companies  said  that 
they’re  monitoring  P2P  use 
on  their  own.  Phil  Jackman, 

IS  manager  at  Ottawa-based 
medical  equipment  supplier 
World  Heart  Corp.,  said  most 
employees  are  prohibited 
from  installing  applications 
on  company  computers.  He 
said  his  company  hired  Asset¬ 
Metrix  a  year  ago  to  inventory 
its  computers  and  software  li¬ 
censes,  but  it  won’t  need  the 
additional  P2P  monitoring.  ft 
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CA  Users  Get  an  Earful  on  Sonar’s 
Promise  of  Automated  Management 


Laud  strategy  for  maximizing  resources 


BY  MARC  L.  SONGINI 

LAS  VEGAS 

Boosting  the  automation  of 
security  and  systems  manage¬ 
ment  was  Computer  Associ¬ 
ates  International  Inc.’s  key 
focus  at  last  week’s  CA  World 
2003  user  conference  here. 

The  effort  is  built  around 
a  new  architecture  dubbed 
Sonar  that  CA  will  begin  to 
roll  out  later  this  year.  The 
technology  aims  to  dynami¬ 
cally  and  securely  allocate 
available  server  or  storage  re¬ 
sources  to  the  business  proc¬ 
esses  that  are  most  important 
at  a  particular  point  in  time. 

Over  the  past  several  years, 
CA  has  been  steadily  enhanc¬ 
ing  its  software  to  help  IT 
shops  prioritize  resource  allo¬ 
cation.  But  the  Sonar  technol¬ 
ogy  for  the  first  time  will  auto¬ 
mate  management  according 
to  predefined  business  rules. 

In  a  keynote  speech,  CEO 
Sanjay  Kumar  explained  that 
Sonar  will  look  for  IT  assets, 
catalog  them  and  then  decide 
how  they  will  be  delivered 
to  support  a  particular  busi¬ 
ness  process.  Sonar  will  be 
embedded  in  CA  products 
rather  than  sold  as  a  stand¬ 
alone  product,  according  to 
the  company. 

Pieces  of  Sonar  technology 
will  start  to  appear  early  in  the 
fourth  quarter.  Already  in  beta 
is  the  Unicenter  NSM  Dynam¬ 
ic  Reconfiguration  Option 
for  VMware  Software,  which 
dynamically  decides  what  re¬ 
sources  are  needed  to  meet 
performance  requirements. 
Also  in  beta  is  the  BrightStor 
Process  Automation  Manager, 
which  will  handle  the  provi¬ 
sioning  of  storage  resources 
across  multiple  platforms.  It 


LIKIN6  LINUX 

Users  liked  what  CA  had  to  say  about  Linux 
at  the  CA  World  conference: 

QuickLink  39970 
www.computerworld.com 


will  ship  in  120  days. 

Several  users  at  the  confer¬ 
ence  said  they  would  be  inter¬ 
ested  in  Sonar  if  CA  delivers 
on  the  promise. 

The  technology  might  help 
address  the  demand  to  cut 
down  on  the  costs  of  idle 
hardware  and  the  people 
needed  to  manage  it,  said 
Clark  Ammons,  production 
and  systems  manager  of  infor¬ 
mation  systems  at  Washington 
University  in  St.  Louis. 

Some  of  the  university’s 
servers  remain  idle  most  of 
the  time  but  are  needed  for 
occasional  spikes  in  demand, 
such  as  when  students  are 
registering  for  classes,  Am- 


IBM  is  first  major 
reseller  of  Cisco’s 
IP  storage  switch 

BY  LUCAS  MEARIAN 

IBM  last  week  penned  a  multi- 
million-dollar  global  server 
and  storage  consolidation  deal 
with  AXA  Technology  Ser¬ 
vices  that  represents  the 
largest  deployment  of  Cisco 
Systems  Inc.’s  multiprotocol 
switch  to  date. 

As  part  of  the  announce¬ 
ment,  Cisco  said  IBM  has  be¬ 
come  the  first  major  vendor 
to  begin  reselling  IP  storage 
blades  for  its  MultiLayer  Data¬ 
center  Switches  (MDS). 

The  MDS  9000  switch  ports, 
which  can  include  IP  storage 
modules,  allow  users  to  man¬ 
age  remote  storage  devices 
over  storage-area  networks 
(SAN)  via  the  Internet  SCSI 
(iSCSI)  protocol.  The  switch 
ports  also  let  users  tunnel  be¬ 
tween  SANs  for  disaster  recov¬ 
ery  using  the  Fiber  Channel 


New  Products 


Among  CA’s  other  product 
announcements  last  week: 

■  Unicenter  Web  Services 
Distributed  Management:  Dis¬ 
covers,  monitors  and  manages 
Web  services.  Currently  in  beta, 
will  be  available  by  year’s  end. 

■  BrightStor  ARCserve 
Backup  Version  10:  Speeds 
up  the  recovery  of  crashed  Win¬ 
dows  systems.  Will  be  released 
in  the  fourth  quarter. 


mons  said.  That  hardware 
could  be  better  exploited  dur¬ 
ing  downtimes,  allowing  the 
university  to  make  do  with 
what  it  has  rather  than  having 
to  buy  new  servers. 


over  IP  (FCIP)  protocol. 

IBM  Global  Services  and 
Cisco  said  the  deal  with  AXA 
Technology  Services,  the  in- 
house  IT  services  arm  of  Paris- 
based  financial  services  firm 
AXA  Group,  will  result  in  the 
deployment  of  at  least  8,000 
Cisco  MDS  9000  switch  ports 
over  the  next  six  years. 

Part  of  the  Plan 

Scott  Drummond,  program  di¬ 
rector  for  storage  networking 
at  IBM,  said  the  AXA  consoli¬ 
dation  is  part  of  a  $1  billion 
on-demand  computing  deal 
that  IBM  and  AXA  signed  in 
February. 

AXA  has  begun  consolidat¬ 
ing  servers,  mainframes  and 
storage  devices  in  the  U.S., 
France,  Germany  and  the 
U.K.,  and  it  plans  to  deploy 
almost  2,000  SAN  switch 
ports  in  the  first  year  of  the 
rollout.  After  the  first  year, 
another  6,000  ports  will  be  in¬ 
stalled  in  data  centers  in  Bel¬ 
gium  and  Australia. 


IBM,  Cisco  Ink  Deal  With 
AXA  for  8,000  Switch  Ports 


“I’d  be  foolish  not  to  look  at 
[Sonar],”  Ammons  said. 

It  appears  CA  may  be  the 
first  vendor  to  deliver  policy- 
driven  software  that  works 
on  a  business-process  level, 
said  Rick  Ptak,  an  analyst  at 
Ptak  &  Associates  Inc.  in 
Amherst,  N.H. 

CA  also  announced  the  roll¬ 
out  of  eTrust  Vulnerability 
Manager,  which  IT  shops  can 
use  proactively  to  discover 
and  correct  security  vulnera¬ 
bilities  in  the  enterprise.  The 
software  comes  bundled  on 
what  CA  is  calling  a  rack- 
mountable  Dell  Computer 
Corp.  appliance  running  Win¬ 
dows  2000  Server. 

The  product  will  prioritize 
systems  by  their  business  val¬ 
ue,  checking  them  against  an 


Ron  Roberts,  global  pro¬ 
gram  manager  for  server/ 
storage  consolidation  at  AXA, 
said  the  company  chose  Cisco 
because  its  “strength  in  switch¬ 
ing  is  unprecedented.” 

AXA  has  already  installed  a 
number  of  MDS  9000  switch¬ 
es  and  is  testing  them  for  per¬ 
formance,  feature  functions 
and  interoperability,  said 
Roberts.  AXA  will  standardize 
on  the  storage  switch  as  it  con¬ 
solidates  from  15  SANs  in  six 


internal  database  that  contains 
a  catalog  of  more  than  6,000 
vulnerabilities.  It  automatical¬ 
ly  creates  a  remediation  check¬ 
list  that  IT  staffers  can  use  to 
fix  problems. 

The  tool  caught  the  eye 
of  Denis  Ball,  lead  network 
engineer  for  IT  at  the  Col¬ 
orado  Springs  School  District, 
who  said  it  could  help  speed 
the  process  of  battening  down 
his  network.  The  school  dis¬ 
trict  currently  runs  Unicenter 
systems  management  software 
and  several  security  tools 
from  CA. 

In  Ball’s  organization, 
students  like  to  hack  into  the 
network,  so  “the  more  vulner¬ 
ability  we  can  get  out  of  the 
network,  the  less  chance  for 
[their]  real  success,”  he  said. 

Pricing  for  eTrust  Vulner¬ 
ability  Manager  starts  at 
$25,000  per  appliance  plus  $2 
per  node  per  month.  It  sup¬ 
ports  systems  running  Win¬ 
dows,  Linux  and  Unix,  and  is 
shipping  now.  I 


countries  to  roughly  one  SAN 
per  country. 

Roberts  declined  to  put  a 
price  tag  on  the  AXA  consoli¬ 
dation  project. 

The  AXA  deal  “definitely 
proves  the  viability  of  the 
Cisco  switch,”  said  Nancy 
Marrone-Hurley,  an  analyst 
at  Enterprise  Storage  Group 
Inc.  in  Milford,  Mass.  “No 
way  would  IBM  risk  losing 
that  size  deal  by  going  with 
anything  but  the  best.” 

Cisco  has  been  offering 
blades  for  its  MDS  9000  prod¬ 
ucts  that  support  both  the 
iSCSI  and  FCIP  protocols 
since  August  2002. 

FCIP  is  a  method  for  con¬ 
necting  two  or  more  SANs  by 
encapsulating  Fibre  Channel 
frames  in  IP  headers  for  trans¬ 
port  over  long  distances  via 
Ethernet.  The  iSCSI  protocol 
is  used  to  facilitate  data  trans¬ 
fers  over  LANs  and  manage 
storage  over  long  distances 
via  Ethernet. 

The  IP  modules  are  now 
available  on  Cisco’s  MDS 
9216  switches  and  on  its  9509 
and  9506  directors,  which 
sport  224  ports  and  128  ports, 
respectively.  > 


2  This  level  of  availability  is  dependent  on  many  factors  outside  of  the  operating  system. 
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Cybersecurity 

message  that  the  White  House 
no  longer  cares  about  this  is¬ 
sue,”  said  Richard  Clarke,  for¬ 
mer  chairman  of  the  Presi¬ 
dent’s  Critical  Infrastructure 
Protection  Board.  “They  will 
eventually  find  someone  who 
will  agree  to  do  it  anyway,  but 
they  will  be  so  hamstrung  that 
it  will  take  at  least  a  year  to  re¬ 
gain  the  capability  that  we  had 
in  2001.” 

Clarke  is  now  chairman 
of  Arlington,  Va.-based  Good 
Harbor  Consulting  LLC 
[QuickLink  39804]. 

A  former  senior  administra¬ 
tion  official  who  requested 
anonymity  said  many  of  the 
candidates  who  possess  the 
skills  necessary  to  do  the  job 
are  senior  executives  in  the 
private  sector  who  are  con¬ 
cerned  about  a  lack  of  authori¬ 
ty  in  a  position  that  will  re¬ 
quire  a  significant  amount  of 
cross-agency  collaboration. 

In  addition,  many  are  wary 
of  what  the  official  character¬ 
ized  as  “an  axis  of  evil”  com¬ 
prising  the  National  Economic 
Council,  the  Office  of  Science 
and  Technology  Policy  and 
the  Office  of  Management  and 
Budget  (OMB)  —  agencies 
that  have  sought  to  redirect 
the  administration’s  attention 
to  other  priorities. 

A  senior  DHS  official,  who 
also  requested  anonymity,  said 
two  candidates  have  been 
identified  for  the  position  and 
have  said  they  are  willing  to 
accept  the  job.  However,  the 
official  said  that  Robert  P.  Lis- 
couski,  assistant  secretary  for 
infrastructure  protection  at  the 
DHS,  seems  to  be  holding  out 
for  a  high-profile  executive 
with  impeccable  qualifications. 

The  person  who  steps  up  to 
the  challenge  will  likely  do  so 
out  of  a  sense  of  duty  and  patri¬ 
otism,  not  because  of  the  way 
the  DHS  is  managing  the  effort, 
according  to  a  half-dozen  se¬ 
nior  IT  industry  executives  in¬ 
terviewed  for  this  story. 

“For  a  person  to  take  this 
job,  they  have  to  be  comfort¬ 
able  with  the  laissez-faire  ap¬ 
proach  toward  IT  security, 
which  I’m  not  comfortable 


with,”  said  John  Copeland, 
chairman  and  chief  scientist 
at  Lancope  Inc.,  an  intrusion- 
detection  system  vendor  in 
Alpharetta,  Ga. 

“I  think  I  could  be  more  ef¬ 
fective  outside  the  govern¬ 
ment,”  Copeland  said.  “The 
people  who  are  really  quali¬ 
fied  are  probably  in  positions 
where  they  are  really  accom¬ 
plishing  things.  You’re  not  go¬ 
ing  to  find  an  effective  securi¬ 
ty  manager  who’s  out  of  work 
and  looking  for  a  job.  You  have 
to  entice  them.” 

The  Chain  of  Command 

Maria  Cirino,  co-founder  and 
CEO  of  Guardent  Inc.,  a  man¬ 
aged  security  services  firm  in 
Waltham,  Mass.,  said  it  would 
take  a  direct  line  to  Homeland 
Defense  Secretary  Tom  Ridge 
for  her  to  consider  such  a  posi¬ 
tion.  The  departures  of  Clarke 
and  his  successor,  Howard 
Schmidt  [QuickLink  38015], 
were  sealed  when  it  became 
clear  that  their  positions 


“were  being  rele¬ 
gated  to  window 
dressing,”  said 
Cirino.  At  best,  the 
administration’s 
current  position  on 
cybersecurity  is 
hypocritical  and 
will  change  only 
with  a  catastrophic 
incident,  she 
added. 

Jerry  Harold,  co¬ 
founder  of  security 
consulting  firm 
NetSec  Inc.  in 
Herndon,  Va.,  and 
vice  president  of 
its  government  so¬ 
lutions  group,  said 
a  lot  of  questions 
about  the  reporting 
structure  would  have  to  be  an¬ 
swered  before  he  would  even 
consider  the  job. 

“I  would  be  four  layers 
down  from  the  secretary  but 
given  a  mandate  to  handle  na¬ 
tional  priorities,”  he  said.  In 
addition  to  having  Congress 


overseeing  his 
activities,  Harold 
said,  the  unde¬ 
fined  relationship 
with  the  director 
of  the  OMB,  who 
is  responsible  for 
overseeing  the 
government’s  inci¬ 
dent  response  ca¬ 
pability,  could 
cause  additional 
political  problems. 

“There,  I  [would 
be]  down  at  the 
bottom  of  the  or¬ 
ganization  as  some 
kind  of  cog,”  said 
Harold.  “Security 
managers  in  indus¬ 
try  have  a  respon¬ 
sibility  to  create 
and  enforce  policy  across  the 
entire  organization,  and  they 
work  from  the  top  of  the  man¬ 
agement  chain  down.  And  yet 
the  government  has  them 
buried  down  in  the  structure 
where  they’re  little  more  than 
a  project  manager.” 


H  You’re  not 
going  to 
find  an  effective 
security  manager 
who’s  out  of 
work.  You  have 
to  entice  them. 


JOHN  COPELAND, 
chairman  and  chief 
scientist,  Lancope  Inc. 


Tom  Goodman,  vice  presi¬ 
dent  of  operations  at  Bluefire 
Security  Technologies,  a  wire¬ 
less  security  company  in  Balti¬ 
more,  said  that  if  asked,  he 
would  accept  the  position  out 
of  a  sense  of  duty.  But  he  still 
has  concerns  about  the  cur¬ 
rent  reporting  structure. 

“Having  the  ear  of  the  sec¬ 
retary  would  be  enough,”  he 
said.  “[But]  it  should  not  be  a 
dotted  line.  It  should  be  a  di¬ 
rect  report,  and  it  should  be  at 
the  assistant  secretary  or 
deputy  secretary  level.” 

David  Wray,  a  spokesman 
for  the  DHS,  said  appointing 
an  adviser  for  cybersecurity  at 
the  assistant  secretary  or 
deputy  secretary  level  “would 
be  completely  dysfunctional” 
and  out  of  proportion  for  what 
is  only  one  component  of  crit¬ 
ical  infrastructure. 

Wray  noted  that  the  DHS 
has  made  clear  its  intent  to 
integrate  the  management  of 
physical  security  and  cyber¬ 
security.  I 
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Microsoft  Deal 

alternative  sources  for  its  soft¬ 
ware. 

On  June  25,  Gates  met  with 
Ridge  and  other  leaders  on 
Capitol  Hill.  And  on  June  27, 
the  DHS  signed  a  contract 
with  the  company  for  server 
and  desktop  software  for  ap¬ 
proximately  140,000  users. 

The  DHS  described  the  con¬ 
tract  as  a  critical  step  in  the 
department’s  efforts  to  estab¬ 
lish  a  common  computing  en¬ 
vironment  for  its  22  formerly 
independent  agencies. 

But  with  the  discovery  on 
July  16  of  a  critical  security 
flaw  affecting  nearly  every 
version  of  the  Windows  oper- 

B  Now  [the  DHS] 
is  held  hostage 
to  the  imperfections 
of  Microsoft  code¬ 
writing. 

ROGER  CRESSEY,  FORMER  CHIEF 
OF  STAFF.  PRESIDENT'S  CRITICAL  IN¬ 
FRASTRUCTURE  PROTECTION  BOARD 


ating  system  —  including 
Windows  Server  2003,  the 
first  product  to  be  sold  under 
Microsoft’s  so-called  Trust¬ 
worthy  Computing  initiative 
—  some  security  experts  are 
warning  that  the  DHS  may 
have  backed  itself  into  a  secu¬ 
rity  quagmire. 

Options  Were  Open 

“They  had  a  choice,  but  it 
would  have  been  costly  and 
time-consuming,”  said  Roger 
Cressey,  former  chief  of  staff 
of  the  President’s  Critical  In¬ 
frastructure  Protection  Board. 

“The  real  alternative  was  to 
go  open-source.  But  for  22 
agencies,  an  overwhelming 
majority  of  which  use  nothing 
but  Microsoft  operating  sys¬ 
tems,  to  convert  to  another 
platform  in  an  efficient  and 
cost-effective  manner  would 
have  been  hard  to  accom¬ 
plish,”  said  Cressey.  “DHS  has 
neither  the  time,  the  money, 
nor  the  flexibility  for  that. 
Now  it  is  held  hostage  to  the 
imperfections  of  Microsoft 
code-writing.” 

DHS  CIO  Steve  Cooper, 
who’s  leading  the  massive  in¬ 
tegration  effort,  didn’t  return 


Computerworld’s  calls  seeking 
comment. 

Microsoft  spokesman  Keith 
Hodson  said  no  software  has 
yet  been  shipped  to  the  DHS 
under  the  recent  contract,  so 
the  department  will  receive 
software  with  the  necessary 
patches.  Hodson  also  said  that 
as  recently  as  Friday,  the  DHS 
reaffirmed  its  confidence  in  Mi¬ 
crosoft’s  ability  to  handle  any 
security  problems  that  arise. 

A  former  senior  Microsoft 
executive  who  spoke  on  con¬ 
dition  of  anonymity  said  he 
has  “yet  to  find  someone 
who’s  come  up  with  a  defini¬ 
tive,  unbiased  white  paper  on 
the  pros  and  cons  of  relying 
on  a  single  software  vendor” 
for  all  or  most  of  an  organiza¬ 
tion’s  IT  infrastructure. 

Rafael  Nunez,  a  former 
hacker  now  employed  as  a  se¬ 
curity  expert  at  Scientech  Inc. 
in  Gaithersburg,  Md.,  said  that 
although  standardizing  on  a 
single  software  platform  makes 
it  easier  for  hackers  to  pene¬ 
trate  different  parts  of  an  en¬ 
terprise,  the  DHS  would  have 
been  far  less  secure  had  it  de¬ 
ployed  open-source  software. 

“There’s  a  reason  the  gov¬ 


ernment  doesn’t  buy  open- 
source  software,”  said  Nunez. 
“They  don’t  buy  it  because 
they  know  that  every  hacker 
and  software  cracker  can 
study  the  code  for  exploits.”  I 
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Windows  Raw 


protocol  that  deals  with  mes¬ 
sage  exchange  over  TCP/IR  It 
allows  attackers  to  take  over  a 
victim’s  system  and  install  ma¬ 
licious  code;  view,  modify  or 
delete  data;  or  create  new  user 
accounts. 

“It  is  probably  the  most  seri¬ 
ous  vulnerability  that  we  have 
seen  from  Microsoft  in  the 
past  12  to  18  months,”  said 
Chris  Rouland,  director  of  In¬ 
ternet  Security  Systems  Inc.  in 
Atlanta. 

The  flaw  —  word  of  which 
followed  the  announcement  of 
another  major  Windows  vul¬ 
nerability  only  a  week  before 
[QuickLink  39744]  —  high¬ 
lights  the  continuing  chal¬ 
lenge  that  users  face  in  secur¬ 
ing  Microsoft  software,  said 
Scott  Loach,  senior  informa- 
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Corporate  Security  Still  Lacks 
Focus  Two  Years  After  9/11 

Survey  finds  that  most  companies  have 
avoided  centralized  security  oversight 


BY  DAN  VERTON 

fter  the  terrorist 
attacks  of  Sept.  11, 
2001,  many  CEOs 
were  surprised  to 
learn  just  how  decentralized 
their  security  management 
structures  were.  But  that  sur¬ 
prise  hasn’t  yielded  much 
change,  according  to  a  new 
survey. 

The  survey  results,  re¬ 
leased  earlier  this  month  by 
Alexandria,  Va.-based  Amer¬ 
ican  Society  for  Industrial 
Security  International  Inc. 
(ASIS),  showed  that  most 
companies  have  steered  away 
from  centralized  management 
and  strategic  oversight  of  se¬ 
curity,  instead  spending  more 
money  on  insurance  as  a 
protection. 

“High-level  reporting  and 
accountability  are  still  the  ex¬ 
ception  rather  than  the  rule  in 
corporate  security  manage¬ 


ment,”  according  to  the  sur¬ 
vey,  which  polled  more  than 
300  security  and  risk  man¬ 
agers.  “While  one  quarter  of 
companies  have  a  chief  securi¬ 
ty  officer  [CSO],  most  of  the 
remainder  do  not  appear  to 
have  much  interest  in  creating 
the  position.” 

In  addition,  while  security 
spending  since  Sept.  11  has  in¬ 
creased  on  average  by  only 
4%,  corporate  spending  for  in¬ 
surance  premiums  has  jumped 
by  33%.  One-fifth  of  the  com¬ 
panies  surveyed  reported  a 
doubling  of  insurance  spend¬ 
ing  since  Sept.  11. 

Where  the  Money  Goes 

Mary  Ann  Davidson,  CSO 
at  Oracle  Corp.,  said  insurance 
without  a  solid  organizational 
structure  is  fruitless. 

“Purchasing  expensive  in¬ 
surance  for  security  without 
improving  your  operational 


security  is  like  buying  new 
drapes  for  a  dirty  house,”  she 
said.  “Organizations  need  to 
clean  house  first  through  bet¬ 
ter  operational  security  and 
then  use  insurance  to  mitigate 
the  remaining  risk.” 

But  therein  lies  another 
problem,  said  MacDonnell 
Ulsch,  managing  director  of 
Janus  Risk  Management  Inc. 
in  Marlboro,  Mass.  “Compa¬ 
nies  have  not  yet  fully  grasped 
how  to  embrace  enterprise 
risk,”  said  Ulsch.  And  while 
companies  are  earmarking  ad¬ 
ditional  funds  for  security,  he 
said,  “bigger  budgets  don’t 
translate  seamlessly  into  bet¬ 
ter  security.” 

The  real  question  that  needs 
to  be  answered,  according  to 
Ulsch,  is  how  the  4%  increase 
was  spent.  “Did  the  right  pro¬ 
grams  get  funded?  Were  com¬ 
panies  thinking  of  risk  from  a 
holistic  viewpoint,  or  did  they 
invest  in  expensive  point  solu¬ 
tions  guaranteed  to  prevent  a 
meltdown?”  he  said. 

The  CIO  at  a  global  auction 


company,  who  spoke  on  con¬ 
dition  of  anonymity,  said  that 
despite  the  increasing  risks 
most  companies  face,  profit 
margins  are  simply  too  narrow 
to  justify  many  new  security 
programs. 


With  respect  to  the  organi¬ 
zational  and  oversight  chal¬ 
lenges,  having  a  single  person 
be  responsible  for  security  is 
critical,  the  CIO  said. 

Companies  “that  do  not 
have  a  CSO  lack  a  focal  point 
for  the  true  accumulation  and 
measurement  of  risk  and  as  a 
result  do  not  make  business 
decisions  based  on  the  total 
risk  picture,”  he  said.  “As 
CIOs,  we  have  to  make  up  for 
that  gap.”  I 
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tion  security  engineer  at  Ray¬ 
mond  James  Financial  Inc.,  a 
financial  services  firm  in  St. 
Petersburg,  Fla. 

Raymond  James  had  just 
completed  patching  500  Win¬ 
dows  servers  against  the  pre¬ 
vious  flaw  and  is  now  scram¬ 
bling  to  protect  its  systems 
against  the  new  vulnerability. 

The  frequency  with  which 
such  patching  is  needed  has 
prompted  the  company  to 
consider  automated  patching 
technology,  Loach  said. 

“We’ve  had  endless  meet¬ 
ings  with  Microsoft  about  the 
state  of  their  security  and  the 
way  these  patches  come  out 
and  the  trouble  it  causes  us,” 
Loach  said.  “It’s  just  what  you 
have  to  live  with”  when  deal¬ 
ing  with  Microsoft,  he  added. 

The  flaw  discovered  last 
week  “is  the  latest  in  a  seem¬ 
ingly  never-ending  stream  of 
issues  that  afflict  [Microsoft] 


products,”  said  Bruce  Azuma, 
corporate  director  of  informa¬ 
tion  technologies  at  Wilbert 
Inc.,  a  Broadview,  Ill-based 
company  in  the  funeral  ser¬ 
vices  and  industrial  plastics 
businesses.  “As  a  medium-size 
business  user  of  Microsoft,  I 
am  growing  more  and  more 


WINDOWS’  LATEST  FLAW 
Companies  with 

should 

be  largely  protected  gainst 
the  vulnerability. 

exists  for 

users  accessing  a  corporate 
n  work  via  a  virtual  private 
network  or  WAN  connection. 

in  Jude  dis¬ 
abling  the  Distributed  Com¬ 
ponent  Object  Model  and 
blocking  Port  135,  which 
is  used  o  initiate  a  remote 
session. 


concerned  with  Microsoft’s 
ability  to  release  stable,  secure 
products.” 

Such  flaws  also  raise  ques¬ 
tions  about  the  efficacy  of  Mi¬ 
crosoft’s  Trustworthy  Com¬ 
puting  initiative,  said  John 
Cowan,  corporate  IT  director 
at  Caldwell  Industries  Inc.,  a 
Louisville,  Ky.-based  injection 
molding  manufacturer. 

“On  a  scale  of  1  to  10, 1 
would  give  [Trustworthy 
Computing]  a  3,”  Cowan  said. 
“I  don’t  know  what  the  prob¬ 
lem  is,  but  it  doesn’t  look  like 
they  have  been  able  to  lock 
down  their  software  like  they 
said  they  would.” 

Discovery  of  the  flaw 
“cracked  the  bubble”  around 
Windows  Server  2003  security 
and  will  force  Microsoft  to  re¬ 
double  its  efforts  to  find  out 
what  went  wrong,  said  Pete 
Lindstrom,  an  analyst  at  The 
Spire  Group,  a  consultancy  in 


Malvern,  Pa..  But  it  would  be 
premature  to  see  it  as  a  sign  of 
broader  security  problems  in 
Windows  Server  2003,  he  cau¬ 
tioned.  “I  would  be  embar¬ 
rassed  for  anyone  who  jumps 
to  that  conclusion,”  he  said. 

Kevin  Kean,  director  of 
Microsoft’s  security  research 
center,  last  week  insisted  that 
the  company’s  Trustworthy 
Computing  initiative  is  work¬ 
ing,  despite  the  fact  that  seri¬ 
ous  flaws  keep  cropping  up  in 
Windows  software. 

Trustworthy  Computing  “is 
a  long-term  vision,”  Kean  said. 
“We  are  committed  to  improv¬ 
ing  [it]  on  an  ongoing  basis. 
When  we  find  something  that 
goes  wrong ...  we  try  to  Fig¬ 
ure  out  where  we  need  to 
make  progress.” 

One  sign  that  Trustworthy 
Computing  has  begun  to  pay 
off  is  the  relatively  low  num¬ 
ber  of  flaws  uncovered  in 


Windows  Server  2003  so  far, 
compared  with  Windows  2000 
at  the  same  stage,  Kean  said. 
Just  four  security  bulletins 
have  been  released  for  Win¬ 
dows  Server  2003,  compared 
with  14  for  Windows  2000  in 
the  same  period,  Kean  said. 

Some  users  agreed  with 
Kean’s  assessment.  “In  fairness 
to  them,  they  are  doing  the 
right  things,”  said  David  Ry- 
mal,  IT  director  at  Providence 
Health  System  in  Everett,  Wash. 

“[Windows  2003]  shows  a 
complete  reversal  in  deploy¬ 
ment  methodology  compared 
to  earlier  versions,  when 
everything  was  turned  on  and 
left  unsecured  by  default,” 
said  Antony  DeVoto,  NT  sys¬ 
tems  administrator  at  Volvo 
Finance  North  America  Inc.  in 
Montvale,  N.J.  “Finally  we  are 
seeing  Trustworthy  Comput¬ 
ing  making  a  difference  that 
should  benefit  us  all.”  I 
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Global  IT  Spending 
Levels  Off  in  Q2 

Worldwide  IT  spending  continued 
to  show  stability  in  the  second 
quarter  of  2003,  but  significant 
gains  in  corporate  spending  have 
yet  to  happen,  according  to  mar¬ 
ket  research  company  IDC.  Global 
IT  spending  is  expected  to  sur¬ 
pass  $872  billion  for  the  full  year, 
an  increase  of  1%  from  last  year. 
In  the  U.S.,  IT  spending  will  be 
flat  this  year,  with  declines  in 
overall  hardware  spending,  large¬ 
ly  related  to  price  competition, 
being  offset  by  marginal  growth  in 
software  and  services,  IDC  said. 


EMC  Dealt  a  Blow 
In  Legato  Deal . . . 

EMC  Corp.’s  $1.3  billion  acquisi¬ 
tion  of  Legato  Systems  Inc.  hit  a 
snag  last  week  when  Legato 
shareholders  filed  two  lawsuits 
claiming  “breach  of  fiduciary  duty 
and  self-dealing”  against  Legato 
and  its  board  of  directors.  The 
lawsuits  came  just  a  week  after 
EMC  agreed  to  buy  Legato,  a 
maker  of  storage  management 
software  in  Mountain  View,  Calif., 
to  fill  gaps  in  its  storage  infra¬ 
structure  and  data  management 
software  offerings. 


. . .  But  Reports 
Strong  Q2  Results 

EMC  reported  strong  second- 
quarter  results  last  week,  citing 
growth  across  all  segments  of  its 
business,  thanks  to  new  products 
and  services  and  an  expanded  dis¬ 
tribution  network.  The  Hopkinton, 
Mass.,  company  reported  revenue 
of  $1.48  billion  for  the  quarter 
ended  June  30,  representing  a 
7%  growth  rate  over  the  same 
quarter  a  year  ago. 

Short  Takes 

iMTEL  CORP.’s  second-quarter 
revenue  was  up  8%  from  last 

year _ ORACLE  C0RP.  granted 

5.9  million  new  unqualified  stock 
ontions  to  be  shared  among  nine 
of  its  executives. 
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Policy  Processing  System 


Uses  Compuware  tools  to  test  new 
multimillion-dollar  insurance  network 


BY  MATT  HAMBLEN 

ESTING  and  perfor¬ 
mance  management 
tools  from  Com¬ 
puware  Corp.  are 
being  deployed  at  Amerisure 
Insurance  Co.  to  help  build  a 
modern  multimillion-dollar 
insurance  policy  processing 
system. 

“Some  of  our  systems  are 
antiquated,  and  we  embarked 
on  a  process  to  redeploy  them, 
starting  with  our  workers’ 
compensation  insurance  line 
of  business,”  said  Frank  Pe- 
tersmark,  vice  president  of  IT 
at  Amerisure  in  Farmington 
Hills,  Mich.  “But  I  wanted  to 
pre-quality-test  and  ensure  the 
system  before  production.” 

Before  the  insurer  began  de¬ 
veloping  the  Amerisure  Policy 
System  (APS)  last  year,  “we 


had  always  struggled  with 
finding  a  way  to  do  a  better 
road  test,”  he  said.  “We  always 
had  a  disparate  group  of  IT 
testing  products  that  you  had 
to  bundle  together.” 

To  develop  a  more  holistic 
approach,  Amerisure  pur¬ 
chased  Compuware’s  Vantage 
performance  management  and 
AQCenter  Performance  Edi¬ 
tion  testing  tools,  spending 
about  $50,000,  Petersmark 
said.  Amerisure  used  the 
products  to  pretest  APS  appli¬ 
cations,  code  and  network 
links  affecting  workers’  com¬ 
pensation  policies  —  which 
represent  about  half  the  com¬ 
pany’s  business. 

The  testing  with  Detroit- 
based  Compuware’s  tools 
helped  reveal  errors  in  data¬ 
base  coding  that  Amerisure 


had  written,  showing  that 
problems  experienced  by  re¬ 
mote  users  weren’t  caused  by 
the  company  network,  Peters¬ 
mark  said.  “Our  experience  is 
that  the  network  is  always 
blamed  for  slowdowns,  but 
now  we  can  show  it  isn’t  al¬ 
ways  the  problem,”  he  said. 

Amerisure,  with  $600  mil¬ 
lion  in  annual  revenue  and  $1.3 
billion  in  assets,  has  about  700 
users  in  10  states,  all  of  whom 
use  the  APS. 

Amerisure  is  now  using  the 
tools  to  help  modernize  its 
policy  system  for  other  lines 

HI  have  learned 
the  value  of 
having  tools  to  dis¬ 
cover  a  problem 
before  there  is  one. 

FRANK  PETERSMARK,  VICE  PRESI¬ 
DENT  OF  IT,  AMERISURE  INSURANCE 


Vendors  Vie  to  Boost 
Videoconferencing  Market 


BY  MATT  HAMBLEN 

Videoconferencing  and  collab¬ 
oration  technology  are  getting 
a  boost  from  separate  vendors. 

Wave  Three  Software  Inc. 
today  will  announce  server 
software  for  desktop  video- 
conferencing  and  collabora¬ 
tion  based  on  the  Session  Ini¬ 
tiation  Protocol.  Meanwhile, 
Tandberg,  a  videoconferenc¬ 
ing  market  leader  in 
New  York,  last  week 
announced  new  gate¬ 
way  hardware  to  allow 
greater  flexibility  in 
making  videoconfer¬ 
encing  connections 
between  suppliers, 
partners  and  cus¬ 
tomers.  It  also  an¬ 
nounced  support  for 
h.264,  a  standard  that 
it  said  will  produce 
superior  video  quali¬ 


ty  but  use  half  the  bandwidth 
of  current  systems. 

Wave  Three,  a  start-up  in 
San  Diego,  has  focused  on  at¬ 
tracting  university  customers 
interested  in  distance  learning 
and  real-time  video  and  col¬ 
laboration  between  academic 
leaders,  according  to  the  com¬ 
pany’s  CEO,  Robert  Randall. 

One  beta  user  of  Wave 


Three’s  Session  Conference 
Server  is  the  University  of 
Arkansas  for  Medical  Sciences. 
The  Little  Rock  school  might 
use  it  for  distance  learning, 
clinical  consultations,  re¬ 
search  collaboration  and  day- 
to-day  administration,  said 
Mark  Clark,  director  of  techni¬ 
cal  operations.  “Our  goal  is  to 
make  video  communications 
seamless”  for  up  to  7,000 
knowledge  workers,  he  said. 

With  Wave  Three,  Clark  pre¬ 
dicted  that  he  will  be  able  to 
use  existing  desktops,  won’t 
have  to  buy  in-room 
video  gear  and  may 
be  able  to  reduce  the 
number  of  leased 
lines  he  needs.  He 
said  he’s  not  looking 
for  a  reduction  in 
travel  costs,  but  he  is 
hoping  for  enhanced 
communications. 

Session  Confer¬ 
ence  Server  is  avail¬ 
able  now  on  Win¬ 
dows  2000  Server, 


of  business,  such  as  commer¬ 
cial  auto  and  general  liability 
insurance,  Petersmark  said. 
The  new  policy  systems  will 
cost  “millions  of  dollars,”  un¬ 
derscoring  the  value  of  testing 
the  products. 

“I  have  learned  the  value  of 
having  tools  to  discover  a 
problem  before  there  is  one,” 
he  said. 

Amerisure  considers  the 
APS  to  be  the  heart  of  its  busi¬ 
ness,  since  it  involves  the  pro¬ 
duction  of  policy  forms  and 
workflow,  company  officials 
said.  The  Compuware  tools 
that  helped  build  and  test  it 
are  used  by  a  half-dozen  data¬ 
base  administrators,  network 
managers  and  developers. 

Amerisure  bought  the  Com¬ 
puware  tools  after  a  review  of 
products  from  other  major 
management  vendors,  includ¬ 
ing  Computer  Associates  In¬ 
ternational  Inc.,  IBM’s  Tivoli 
Software  and  Hewlett-Packard 
Co.  Compuware  “was  a  good 
fit  with  us,”  Petersmark  said. 

Amerisure  still  uses  unrelat¬ 
ed  OpenView  products  from 
HP,  but  “we  didn’t  think  they 
were  strong  on  testing  appli¬ 
cations,”  he  said.  B 


starting  at  $10,500  for  10  users, 
according  to  Wave  Three. 

Tandberg’s  Gateway  is  avail¬ 
able  now  for  $21,000  for  a 
4Mbit/sec.  gateway,  but  the 
price  will  rise  to  $32,000  in 
October.  The  company  also 
announced  the  Tandberg 
Management  Suite,  which  al¬ 
lows  users  to  schedule  confer¬ 
ences  in  Microsoft  Exchange 
and  Outlook. 

Andrew  W.  Davis,  an  analyst 
at  Wainhouse  Research  in 
Brookline,  Mass.,  said  the  new 
gateway  product  means  Tand¬ 
berg  can  sell  infrastructure 
products  as  well  as  endpoint 
gear  such  as  cameras,  micro¬ 
phones  and  compression- 
decompression  software. 

Tandberg’s  Gateway  will  en¬ 
able  interoperability  with  oth¬ 
er  systems  deployed  by  other 
users,  Davis  said.  By  contrast, 
Wave  Three  is  proprietary 
software,  meaning  a  user 
wouldn’t  be  able  to  videocon¬ 
ference  a  call  to  a  rival  ven¬ 
dor’s  system.  I 
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Digital  Document 
Security  and  IT: 
Everything  you 
need  to  know. 

Q#  What  are  the  most  significant 
•  digital  copier  security  issues? 

A#  Various  copier  print  controllers 
•  are  actually  servers  that  queue 
and  permanently  store  multiple 
document  files,  providing  administrator 
access  to  the  documents.  At  a 
minimum,  most  digital  copiers  retain 
the  last  document  processed;  some 
even  retain  multiple  documents 
totaling  hundreds  of  pages.  Others 
redirect  print  jobs  when  the  printer  is 
busy  or  jammed,  making  "denial  of 
service"  attacks  possible. 

Q#  How  does  Sharp  protect  the 
•  network  interface? 

Au  The  Sharp  Ethernet  card  allows 
•  administrators  to  restrict 
access  and  disable  unnecessary 
protocols.  With  this  network  card,  the 
Sharp  digital  copier  is  essentially 
protected  by  its  own  firewall. 

Q#  How  can  you  be  sure  that 
•  security  products  actually 
perform  as  claimed? 

A#  The  Common  Criteria 

•  program — administered  by 
the  U.S.  National  Security  Agency  and 
the  National  Institute  of  Standards 
and  Technology — evaluates  security 
solutions.  Products  that  are  validated 
under  the  program  meet  security 
levels  consistent  with  ISO  1 5408 
methodology. 

Q#  How  can  Sharp  improve  IT 
•  security? 

A#  Sharp  offers  print  privacy 
•  solutions  designed  to  restrict 
unauthorized  personnel  from  seeing 
confidential  materials.  Copier  access 
can  be  controlled  and  monitored, 
while  documents  retained  in  printer/ 
copier/scanner/fax  memory  are 
immediately  cleared  to  eliminate 
unauthorized  access. 
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There’s  No  Killer  App 
For  Linux,  Kapor  Says 


BY  TODD  R.  WEISS 

PORTLAND,  ORE. 

Mitch  Kapor,  co-founder  of  the  former 
Lotus  Development  Corp.  and  creator  of 
the  Lotus  1-2-3  spreadsheet,  is  leading  a 
project  called  Chandler  to  create  an 
open-source  personal  information  man¬ 
ager  package  [QuickLink 
34022],  He  also  established  the 
Open  Source  Applications  Foun¬ 
dation  in  2001  to  encourage 
open-source  development.  At  the 
recent  O’Reilly  Open  Source 
Convention  here,  Kapor  spoke 
with  Computerworld  about  the 
effect  of  Linux  and  open-source 
software  on  business  computing. 

Linux  is  increasingly  gaining  respect 
among  IT  professionals.  What  does  that 
mean  for  the  continued  development  of  the 
operating  system?  I  expect  to  see  gov¬ 
ernment  and  private  foundations  pro¬ 
vide  funding  for  open-source  develop¬ 
ment  in  the  future.  As  the  overall  so¬ 
cial  value  of  open-source  becomes 
clearer  and  clearer,  you  will  see 


new  kinds  of  funding  models. 

Is  business  ready  today  to  adopt  open- 
source  applications  for  critical  needs? 

A  lot  depends  on  the  perspective 
from  which  you’re  looking  at  things. 
Whether  it’s  suitable  for  you  depends 
on  what  your  needs  are.  For 
many  people,  it’s  perfectly 
good,  and  for  others,  it’s  miss¬ 
ing  that  critical  part.  There’s  no 
fundamental  technological  bar¬ 
rier  preventing  it  from  [filling 
the  remaining  gaps]. 

Do  you  use  Linux  as  your  primary 
operating  system?  It’s  not  yet 
there  day-to-day  for  what  I  do.  I 
fiddle  with  it  just  to  stay  fresh.  It  will  be 
nice  when  it’s  ready  to  do  everything. 

What’s  keeping  Linux  from  being  able  to 
serve  as  your  primary  operating  system? 

I  have  collaborative  calendaring  as  a 
critical  need,  and  I’m  waiting  for  up¬ 
coming  connector  software  [to  make  it 
work  seamlessly]. 


Where  do  you  see  Linux  and  open-source 
making  the  next  big  push  into  business  IT? 

I  think  the  penetration  into  big  enter¬ 
prises  in  the  immediate  future  is  going 
to  be  in  the  verticals,  like  call  centers. 
For  knowledge  workers,  there’s  a  high 
bar,  and  Linux  is  not  ready  for  that.  But 
in  call  centers,  they  use  their  machines 
to  do  specific  kinds  of  things.  The  Lin¬ 
ux  desktop  is  sufficiently  mature  to 
take  those  kinds  of  calls  well. 


Lotus  1-2-3  was  a  key  to  the  proliferation  of 
PCs  and  desktop  computing.  Is  there  a  simi¬ 
lar  must-have  application  that  could  spawn 
a  mass  migration  to  Linux  and  open- 
source?  There’s  no  killer  app.  People 
need  different  things.  That’s  really  the 
task  of  an  operating  system.  It’s  not  do¬ 
ing  one  thing  right.  It’s  doing  a  thou¬ 
sand  things  right. 


You  have  said  that  Linux  on  the  desktop 
will  continue  to  become  more  commonplace 
and  could  take  10%  of  the  global  market 
share  from  Microsoft  Windows  in  the  not- 
too-distant  future.  Do  you  think  major 
changes  are  coming  to  the  operating  sys¬ 
tem  landscape?  We’re  not  going 
to  see  an  explosion  of  Linux  in  the 
next  18  months.  Ten  percent  of  a  bil¬ 
lion  [Windows  users]  is  100  million. 
That’s  a  lot.  Linux  on  the  desktop  is 
actually  here.  I 


Linus  Torvalds  Releases  Test 
Version  of  Linux  2.6  Kernel 


Beta  signals  developers 
to  focus  on  bug  testing 

BY  ROBERT  MCMILLAN 

A  test  version  of  the  much-anticipated 
Version  2.6  of  the  Linux  kernel  was 
released  last  week  by  Linux  creator 
Linus  Torvalds. 

The  release  of  the  kernel,  called 
2.6test,  means  that  kernel  development 
will  switch  focus  from  feature  develop¬ 
ment  to  bug  testing  as  the  Linux  com¬ 
munity  scrambles  to  get  the  final  ver¬ 
sion  of  Linux  2.6  ready  over  the  next 
few  months. 

“The  point  of  the  test  versions  is  to 
make  more  people  realize  that  they 
need  testing  and  [to]  get  some  strag¬ 
gling  developers  realizing  that  it’s  too 
late  to  worry  about  the  next  big  fea¬ 
ture,”  said  Torvalds  in  a  posting  to  the 
kernel  developers’  mailing  list. 

The  release  of  the  test  code  sends  a 
message  to  software  developers  and 


Linux  vendors,  according  to  Joseph 
Pranevich,  a  systems  administrator  at 
Terra  Lycos  SA  in  Barcelona,  Spain, 
and  a  longtime  Linux  kernel  watcher. 

“It  says,  ‘We’re  in  freeze,  we’re  not 
making  any  changes,  and  pretty  much 
what  you  see,  plus  stability,  it’s  what 
you  get,’  ”  he  said.  “Now  it’s  time  for 
the  people  that  are  interested  in  devel¬ 
oping  [applications]  to  take  a  look  at 
2.6  and  become  acquainted  with  it.” 

The  2.6  kernel  includes  support  for 
Non-Uniform  Memory  Architecture 
(NUMA)  servers,  which  is  expected  to 
strengthen  Linux’s  appeal  as  a  multi¬ 
processor  operating  system.  It  will  also 
include  support  for  embedded  proces¬ 
sors  that  don’t  contain  memory  man¬ 
agement  units,  such  as  Motorola  Inc.’s 
DragonBall  and  ColdFire  processors. 

“The  concept  that  you  can  have, 
out  of  the  same  source  tree,  some¬ 
thing  that  works  on  a  [handheld  de¬ 
vice]  and  something  that  works  on  a 
64-way  NUMA  machine  is  just  amaz¬ 


ing  to  me,”  said  Pranevich. 

How  long  the  beta  phase  of  Linux  2.6 
will  last  is  anybody’s  guess,  but  Tor¬ 
valds  expressed  optimism  that  it  will 
be  shorter  than  the  seven  months  it 
took  to  finalize  Linux  2.4,  which  was 
subject  to  repeated  delays. 

Linux  vendors  Red  Hat  Inc.  and 
SuSE  Linux  AG  are  preparing  their  own 
Linux  2.6  test  kernels  to  offer  to  adven¬ 
turous  customers  and  software  vendors 
that  may  want  to  test  the  new  code. 

SuSE’s  test  kernels  will  be  available 
around  the  beginning  of  the  third  quar¬ 
ter,  according  to  a  company  spokes¬ 
man.  Red  Hat  said  its  version  will  be 
available  this  month. 

SuSE  expects  to  have  an  “enterprise- 
ready”  distribution  based  on  the  2.6 
kernel  available  by  next  May  or  June, 
said  a  company  spokesman.  Red  Hat 
declined  to  say  when  it  expects  to  ship 
its  2.6  version.  I 


McMillan  writes  for  the  IDG  News 
Service. 


MORE  ONLINE 

For  more  Linux  news,  visit  our  special  focus  page; 

QuickLink  slOOO 
www.computerworld.com 
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NetScout  Moves  to  Unify  Network, 
Performance  Management  Tools 


Rivals  expected 
to  follow  suit 


BY  MATT  HAMBLEN 

NetScout  Systems  Inc.  last 
week  announced  two  product 
upgrades  designed  to  unify 
real-time  and  historical  re¬ 
porting  of  network  and  appli¬ 
cation  performance  data  on 
large  corporate  networks. 

At  the  heart  of  the  upgrades 
are  NetScout’s  new  Common 
Data  Model  (CDM)  Adaptors, 
software  designed  to  help 
users  gather  basic  perfor¬ 
mance  data  from  a  range  of 
switches  and  routers,  said 
Leslie  Miller,  product  market¬ 


ing  manager  at  the  Westford, 
Mass.-based  company. 

The  new  technology  will  be 
offered  within  NetScout’s 
nGenius  Performance  Manag¬ 
er  2.0  software  and  nGenius 
Probe  6.0  firmware,  which  is 
a  rack-mounted  device  that 
gathers  and  analyzes  traffic- 
flow  records  from  network 
nodes.  Both  upgrades  will  be 
available  by  the  end  of  this 
month,  NetScout  said. 

Keith  Axtell,  a  performance 
analyst  at  Consumers  Energy 
in  Jackson,  Mich.,  has  been 
testing  Performance  Manager 
2.0  for  the  past  month,  having 
installed  an  earlier  version  a 
year  ago. 


One  improvement  that  Ax¬ 
tell  has  noticed  is  an  enhanced 
ability  to  simultaneously  run 
multiple  windows  containing 
network  performance  data  on 
his  PC.  “You  did  a  lot  of  win¬ 
dow  management  in  the  earli¬ 
er  release,”  he  said. 

Consumers  Energy,  an  elec¬ 
tric  and  natural  gas  utility,  has 


to  monitor  6,500  nodes  in  a 
network  that  spans  100  sites  in 
Michigan.  NetScout’s  technol¬ 
ogy  has  given  IT  staffers  bet¬ 
ter  tools  for  monitoring  con¬ 
nectivity  to  all  those  devices, 
Axtell  said,  adding  that  the  im¬ 
provements  have  become  es¬ 
pecially  critical  as  the  utility 
company  moves  from  manag¬ 
ing  mainframe  systems  to 
managing  distributed  systems. 

Performance  Manager  2.0 
has  been  in  production  use  for 
the  past  month  in  a  small  seg¬ 
ment  of  the  network  at  the 


Uncasville,  Conn.-based  Mo- 
hegan  Sun  casino,  which  sup¬ 
ports  a  total  of  7,500  nodes, 
8,000  phone  lines  and  6,200 
slot  machines  that  are  serially 
connected  to  the  network. 

The  new  version  will  be  es¬ 
pecially  useful  because  the 
CDM  Adaptors  can  bring  in  in¬ 
formation  from  other  data 
sources  besides  Remote  Moni¬ 
toring,  said  Kevin  Carey,  the 
casino’s  network  administrator. 

Michael  Howard,  an  analyst 
at  Infonetics  Research  Inc.  in 
San  Jose,  said  that  NetScout  is 
the  first  vendor  to  come  out 
with  unified  technology  for 
network  and  application 
monitoring. 

Howard  predicted  that  the 
offering  will  quickly  be  emu¬ 
lated  by  rivals  such  as  Con¬ 
cord  Communications  Inc. 
and  Network  Associates  Inc.’s 
Sniffer  Technologies  unit.  I 


New  Products 


PRICE 

AVAILABILITY 

nGenius  Performance 
Manager  2.0 

Starts  at 
$50,000 

July  31 

nGenius  Probe  6.0 

Start  jH$7, 995 

July  31 
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V2X  Subsystem 
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At  a  restaurant,  not  my  desk. 


Means  I'm  not  wasting  time  doing  the 


same  data  management  task  again  and 


again  and  again  and. ..well, you  get  it 


Save  the  day. 


To  me,  success  is  a  35  minute  lunch. 
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PATRICIA  KEEFE 


Security  Disconnect 


I’D  TELL  YOU,  but  then  I’d  have  to  kill  you. 
OK,  it  wasn’t  quite  that  bad,  but  a  recent 
briefing  with  Robert  R  Liscouski,  a  man 
whose  long  title  could  choke  a  horse  —  assis¬ 
tant  secretary  of  homeland  security  for  infra¬ 
structure  protection  in  the  Information  Analysis 
and  Infrastructure  Protection  Directorate  of  the 
Department  of  Homeland  Security  —  came  up 
short  on  what  I  was  looking  for:  information  about 


how  this  all  affects  you. 

The  briefing  was 
necessarily  lacking  in 
specifics  about  how  the 
department  does  things 
and  how  it  handles  things 
because,  well,  you  know. 

But  Liscouski  did  say 
the  feds  are  looking  to 
build  a  leadership  team, 
and  he  specifically  wants 
to  tap  someone  with  in¬ 
dustry  knowledge  and 
business  expertise  to  lead 
the  still  vaguely  defined  effort.  (But, 
as  it  turns  out,  there’s  speculation 
that  no  one  wants  the  job  in  the  wake 
of  two  White  House  security  czar 
resignations  and  a  distancing  of  the 
DHS  unit  from  the  White  House.) 

I  wanted  to  know  what  the  DHS  is 
doing  to  get  the  attention  of  corpo¬ 
rate  America,  and  more  important, 
to  secure  its  participation  and  coop¬ 
eration  in  combating  cyberthreats  to 
national  and  business  security. 

Not  much,  as  it  turns  out.  There 
won’t  be  any  regulations  —  not  like 
what  we  have  with  privacy  and  the 
Sarbanes-Oxley  Act.  So  there  won’t 
be  any  fear  of  losing  your  job  —  not 
like  there  was  with  Y2k.  Which 
means  there  isn’t  any  pressure  to  di¬ 
vert  limited  funds  toward  address¬ 
ing  security  issues  and  implement¬ 
ing  standard  security  practices. 

And  that’s  a  problem.  Just  look  at 
last  week’s  tip-packed  Knowledge 
Center  report  on  security  [Quick- 
Link  kllOO],  We  dug  up  scores  of 
ways  to  batten  down  the  data  hatch¬ 
es.  Looking  it  over,  I  thought  some 
of  these  tips  weren’t  new,  and  some 
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of  the  risks,  such  as  dis¬ 
gruntled  employees, 
have  been  written  about 
ad  nauseam.  And  yet  it 
all  bears  repeating  be¬ 
cause  we  don’t  appreci¬ 
ate  the  value  of  follow¬ 
ing  basic  safety  rules. 
Just  as  many  drivers 
snub  seat  belts,  many 
companies  duck  digital 
security. 

It  would  be  great  if  the 
same  government  de¬ 
partment  that  wants  businesses  to 
report  attacks  and  buy  certified  se¬ 
curity  products  could  show  an  inter¬ 
est  in  providing  some  incentives  for 
activities  that  could  foil  those  at¬ 
tacks  in  the  first  place.  The  IT  camp 
knows  we’ve  got  a  problem  —  it’s 


convincing  management  to  do 
something  about  it.  People  are  look¬ 
ing  for  as  much  help  as  they  can  get. 
But  then  again,  I’m  not  sure  how 
much  help  you  can  expect  from  a  se¬ 
curity  agency  that  signs  a  $90  mil¬ 
lion  contract  with  Microsoft  —  the 
leading  cybersecurity  sinkhole  —  on 
the  same  day  that  vendor  warns  of 
three  new  Windows  vulnerabilities, 
including  one  deemed  “critical.” 

The  bigger  problem  is  that  80% 
of  the  nation’s  critical  infrastructure 
is  privately  controlled,  and  several 
recent  studies  point  to  a  significant 
disconnect  between  business  and 
IT  executives  over  security  issues. 
Frustration  over  the  glacial  pace  of 
DHS  progress  spawned  last  week’s 
introduction  of  a  coalition  of  secur¬ 
ity  vendors,  integrators  and  experts 
that  hopes  to  create  salable  prod¬ 
ucts  [QuickLink  39918].  But  even 
that  group  has  no  defined  short¬ 
term  goals. 

So  I  have  one  for  the  DHS  and  the 
vendor  group:  Forget  about  building 
organizations  and  products  for  now. 
Concentrate  on  educating  CEOs  on 
the  issue  and  helping  IT  executives 
get  just  the  basic  security  measures 
deployed  and  enforced.  Now  that’s 
something  we  can  all  talk  about.  I 


'  OTHER  THAN  OJERWE  W  09 ,  AND 

EVERTONE  WHO  p<2£9fVT  WORE  RoR  US  7  ^  HAVt 

no  one  To  Tear.  " 
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DHS  Creating 
Opportunities 
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'OW  THAT  the  Depart¬ 
ment  of  Homeland  Se¬ 
curity  has  taken  up  the 
task  of  coordinating  security 
for  wireless  and  mobile  tech¬ 
nology,  it’s  likely  we’ll  see  an 
expanded  market  for  all  types  of  de¬ 
vices  and  systems.  In  addition,  govern¬ 
ment  money  will  recharge  R&D  for  mo¬ 
bile  and  wireless,  which  has  been  lan¬ 
guishing  because  of  flagging  capital  in¬ 
vestment  and  a  poor  business  climate. 

For  example,  the  department’s  Na¬ 
tional  Communications  Service  (NCS) 
has  already  rolled  out  a  wireless  priori¬ 
ty  service  (WPS)  using  commercial 
vendors.  This  nationwide  system 
would  give  wireless  calls  made  by  key 
government  officials  priority  treat¬ 
ment  during  an  emergency  that  result¬ 
ed  in  a  congested  wireless  network. 
The  WPS  is  connected  to  a  mobile 
switch  that  has  been 
updated  to  bypass 
local  exchange  net¬ 
works  when  neces¬ 
sary.  This  assures 
connectivity  to  the 
Government  Emer¬ 
gency  Telecommuni¬ 
cations  Service. 

In  addition,  the 
DHS  grants  money 
to  state  and  local 
governments  for 
emergency  planning, 
and  in  June  it  created  the  National 
Cyber  Security  Division  (NCSD)  to 
sweep  cyberspace  for  potential  nasties. 
The  NCSD  is  also  charged  with  aiding 
national-level  recovery  efforts  and 
helping  to  protect  against  cyberthreats. 

Other  initiatives  include  an  effort  to 
use  the  Internet  and  wireless  for  an 
emergency  notification  system  in  the 
Washington  area,  and  the  Backup  Dial 
Tone  Project  designed  to  keep  key  fed¬ 
eral  buildings  humming  despite  a  ter¬ 
rorist  attack.  The  NCS  selected  satel¬ 
lite  technology  for  the  first  demonstra¬ 
tion  of  this  project:  another  demon¬ 
stration  will  use  Free  Space  Optics 
technology.  Wireless  voice  over  IP  is 
also  slated  for  a  test. 

The  key  to  the  DHS’s  strategy  is  to 
move  ahead  on  several  fronts  at  the 
same  time,  something  businesses  can’t 
afford  to  do. 

Private-sector  spending  on  security 
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providing  a  wealth  of  features  and  benefits. 

Brother's  range  of  products  includes  business 
machines,  communications  products,  labeling  and 
identification  systems. 


(jmotP) 

•  14.4  kbps  modem 

•  600x600  DPI 
• 8MB 

•  dual  access 

MFC-8500 


m  «  —  At  your  side. 

Dfotrtef: 


E38836  HL-5040  Laser  2400x600  - 1 7ppm  $277. 

E38843  HL-5070  Laser  2400x600  - 1 7ppm  $499. 

C86364  MFC-8500  B&W-15  PPM  MFP  $399. 

F62620  MFC-8420  B&W -1 7PPM  MFP  $577. 

F62705  MFC-8820D  B&W -1 7PPM  MFP  $650.00  J 


Softchoice  currently  carries  over  50,000  hardware  and  230,000 
software  items  representing  more  than  4,700  manufacturers. 
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ScanSoft 

Productivity 

without  Boundaries" 


Instantly  Add  Document  Management  and  PDF 
Creation  to  Your  PC 

PaperPort®  is  used  by  millions  to  organize,  find  and  share  all  of  the 
files  on  their  PC  —  from  scanned  receipts  and  contracts,  to  Microsoft® 

Word,  PowerPoint®,  Excel,  and  PDF  files.  PaperPort®  adds  document 
management  capabilities  to  your  existing  PC  folders  and  files  —  on 
your  local  or  network  disk  drives,  and  even  CD  and  DVD  disks.  Best 
of  all,  PaperPort  Pro  9  Office  lets  you  create  PDF  files  from  within 
all  of  your  PC  applications,  making  it  easy  to  share  your  documents 
using  email  and  the  Web. 

■  Large  thumbnails  let  you  organize  everything  on  your  PC,  from  scanned  paper 
and  digital  photos,  to  Office  documents  and  PDF  files. 

■  All-in-one  search  finds  all  matching  files,  including  scanned  paper,  photos  and 
PDFs. 

■  Convert  Word  and  other  formats  into  PDF  quickly  and  easily. 

■  Combine  pages  from  Microsoft  Word,  PowerPoint  and  Excel  into  a  single  PDF, 
with  drag  and  drop  ease. 

■  Email  many  documents  in  one  step,  saving  time  and  effort. 

■  Receive  and  send  faxes  without  ever  using  paper. 

■  Use  PaperPort  and  your  existing  network  to  store,  search  and  share  documents 
from  every  PC  in  your  organization. 


Thpnc0rl^#1  PaPer, 

PDF  ar>d  Document 

Management  Appiication 

for  the  PC 


Dragon  NaturallySpeaking®  is  the  #1  way  to  instantly  create  docu¬ 
ments,  memos,  letters  and  contracts  —  simply  by  speaking.  In  just 
a  few  minutes,  you’ll  be  dictating  into  virtually  any  Windows®- 
based  application  three  times  faster  than  you  can  type.  Millions  have 
selected  Dragon  NaturallySpeaking  because  it  is  powerful  and 
easy-to-use,  but  most  of  all  because  it  saves  time  and  money.  Ideal 
for  desktop,  workgroup  and  enterprise  users,  Dragon 
NaturallySpeaking  7  sets  a  new  standard  for  speech  recognition 
performance. 

■  Best  Accuracy  -  Breakthroughs  in  acoustic  and  language  modeling  increase 
speech  recognition  accuracy. 


Control  Your  PC  and 
Text  —  at  160  Words 


Convert  Speech  into 
-per-Minute 


■  Fast  and  Easy  to  Use  -  After  just  a  few  minutes  of  voice  training,  you  can  dictate 
into  virtually  any  Windows  application  three  times  faster  than  you  can  type. 

■  Mobile  -  Dictate  into  any  ScanSoft®-approved  Pocket  PC  or  hand-held  digital 
recorder,  then  automatically  transcribe  when  you  synch  with  your  PC. 

■  The  First  Choice  for  Speech  Recognition  -  Dragon  NaturallySpeaking  is  the 
world’s  number  one  selling  speech  recognition  product  and  has  won  over  150 
awards  for  accuracy  and  ease  of  use. 


So  Accurate 
and 

Easy-to-use, 
No  Wonder  it’s 

ft 1 


Volume 
Licensing  I” 
Available 


E49140  PaperPort  Pro  9  Office  Single  User  CD-ROM  $192.00 

E68314  PaperPort  Pro  9  Office  5-User  CD-ROM  $853.00 

E68316  PaperPort  Pro  9  Office  25-User  CD-ROM 

E45207  Dragon  NaturallySpeaking  Preferred  CD-ROM  $135.00 

Dll 952  OmniPage  Pro  12  Office  CD-ROM  $590.00 

C77613  OmniPage  Pro  12  Office  Upgrade  CD-ROM  :  H  !  i 


www.softchoice.  com /browser 
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iGrafx  Process  Central  2003 

Manage,  control,  share  and  exploit  your  organization’s  process  knowledge  base 
with  iGrafx®  Process  Central™  2003  -  a  server  based  collaboration  suite  for 
proactive  Enterprise  Process  Management. 


iGrafx  Flowcharter  2003 

Enjoy  total  productivity  and  ease-of-use  when  you  create  your  flowcharts,  process 
maps,  and  other  business  diagrams  with  iGrafx®  Flowcharter™  2003,  the  newest 
version  of  the  award  winning  ABC  Flowcharter®. 


iGrafx' 

www.iGrafx.com 


iGrafx' 

FLOWCHARTER2003 

Visualize  Your  Way  to  a  Better  Business" 


iGrafx 

PROCESS  CENTRAL2003 

Visualize  Your  Way  to  a  Better  Business” 


D3591 6  IGrafix  Process  Central  2003  CD  ROM  $1 4,996.00 

D4201 7  IGrafix  Process  Central  2003  Upgrade  CD  ROM  $6,996.00 

027965  IGrafix  Flowcharter  CD  ROM  $396.00 

035682  IGrafix  Flowcharter  Upgrade  CD  ROM  $245.00 


Paint  Shop  Pro  8" 


Paint  Shop  Pro  8 


From  small  businesses  to  large  corporations,  Paint  Shop 
Pro  8  "  is  the  photo  and  graphics  editor  of  choice. 

Including  both  automatic  and  precision  tools,  it  makes  editing  photos, 
enhancing  presentations,  and  creating  innovative  websites,  brochures 
and  training  materials  easy. 

•  Design  graphics  from  scratch  or  use  preset  shapes,  effects,  and 
Picture  Tubes"' 

»  Slice  and  optimize  Web  graphics,  add  rollover  effects,  and  hot  spots 

•  Capture  continuous  screen  shots  of  a  full  page  or  a  designated  area 

•  Add  text  to  images 

•  Convert  and  view  files  using  40+  supported  formats 

•  Record,  edit  and  save  commonly  used  tasks  with  Automated 
Productivity  Scripts  ” 


softchoice 


1. 877. 967. 3737 


maximize.  a* 


get  more  done  with  macromedia 


Macromedia 
Studio  MX  Plus 

Maximize  your  ability  to  get  more 
done  with  this  powerful  suite. 

Integrated  tools  and  resources  for 
building  dynamic  web  experiences 

Allows  you  to  create  graphics,  lay  out 
HTML  pages,  code  applications,  build 
rich  user-interfaces,  and  assemble 
complete  solutions 

Includes  prebuilt  templates, 
components,  site  structures, 
and  layouts 

Create  powerful  applications  with 
XML,  web  services,  Microsoft  .NET, 
and  Java 
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DREAMWEAVER 
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Macromedia 
Dreamweaver  MX 

Maximize  your  ability  to  build 
powerful  websites  and  web 
applications. 

•  Integrated  tools  for  site  design  and 
layout,  and  rapid  web-application 
development 

•  Everything  you  need  to  develop  and 
manage  any  professional  website, 
whether  it’s  built  with  HTML,  XHTML 
XML,  web  services,  ColdFusion, 
ASP,  ASP.NET,  JSP,  or  PHP 

•  Customize  and  extend  Dreamweaver 
MX  with  more  than  700  free 
extensions  available  through  the 
Macromedia  Dreamweaver  exchange 


E26247  Macromedia  Studio  MX  Plus  for  Win  1  User  CDROM .  . $900.00 


B86356  Macromedia  Dreamweaver  MX  WIN .  $365.00 

A89251  Macromedia  HomeSite . . . $100.00 

D48803  Macromedia  DevNet  Resource  Kit.  volume  1  CDROM . . . $100.00 

D84020  Macromedia  DevNet  Resource  Kit.  volume  2  CDROM . $100.00 


macromedia” 


SUBSCRIPTIONS 


Introducing  the  new  premium  software  service  for  top-tier  developers. 

*  More  software  extensions,  components,  and  services, 
delivered  throughout  the  year 

•  Upgrade  your  Macromedia  Studio  MX  software  to  include 
Macromedia  FfeeHand,  Macromedia  Contribute,  and  the 
Macromedia  DevNet  Resource  Kit  Special  Edition 


» includes  fully  functional  development-only  servers  on 
all  supported  platforms 

•  Software  upgrades  to  all  software  in  your  subscription- 
as  they're  r 


F33754  Macromedia  Devnet  Professional  Subscription  CDROM  .. 


$1,500.00 


2 

l 

MX 


Macromedia  ColdFusion  MX 

Rapidly  build  Internet  applications  that 
integrate  with  databases,  XML,  web 
services,  Macromedia  Flash,  and  more. 

•  Includes  the  highly  productive  ColdFusion 
scripting  environment,  built-in  search  and  charting 
capabilities,  and  an  integrated  web  services  engine 

•  Makes  it  easy  to  build  and  deploy  applications  on 
all  major  operating  systems,  as  well  as  Java”"  and 
Microsoft*  .NET  platforms 


B89034  Macromedia  ColdFusion  MX  PROFESSIONAL  SERVER .  . $1,300.00 

B99249  Macromedia  JRun4  MULTIPLATFORM  V.4.0 . $900.00 


Macromedia  Contribute  2 

Delegate  web  content  updates  while 
maintaining  control  over  your  website. 
With  Macromedia  Contribute,  business 
users  can: 

•  Get  set  up  in  minutes  without  any  training 

•  Easily  update  web  content  without  knowing 
HTML  while  maintaining  existing  website  design, 
functionality  and  code 

•  Update  content  on  any  HTML  website,  including 
Macromedia  Dreamweaver  MX,  Microsoft 
FrontPage  and  hand-coded  sites 


D73309  Contribute  2  Single  User 


$100.00 


Macromedia  Flash  MX 

Maximize  your  ability  to  create 
highly  visual  interactive  content 
and  Rich  Internet  Applications. 

Reduce  development  time  and  deliver 
the  best  user  experiences 

Macromedia  Flash  MX 
Data  Connection  Kit  NEW 

Resources  to  jumpstart  the  creation  of  simple 
to  complex  data-driven  applications 

Includes  Macromedia  Firefly  Components 
for  retrieving  and  displaying  data 

Plus  Macromedia  Rash  Remoting  MX  to  access 
data  from  application  servers 


B54486  Macromedia  Rash  MX . .  . $479.00 

F04769  Macromedia  Rash  Communication  Server  MX  PRO . $4,501.00 

D40992  Macromedia  Rash  Remoting  MX  1  CPU . . . $1,000.00 


Macromedia  Director  MX 

Author  with  any  type  of  media  and  deliver 
on  CD/DVD-ROM,  kiosks,  and  the  web. 

•  Streamline  development  by  controlling 
Macromedia  Flash  MX  objects,  and  launching 
and  editing  Macromedia  Flash  MX  files 

•  Deliver  accessible  content  for  people  with 
disabilities 

•  Built  for  Apple  Mac  OS  X  and  Microsoft  Windows 


D74096  Macromedia  Director  MX  WIN . . . . .  $1,200.00 


B  ROW^  EL  R 


www.softcholce.  com /browser 


VERITAS  Backup  Exec”  9.0 

for  Windows  Servers 

VERITAS  Backup  Exec™  9.0  for  Windows  Servers  is  the  next  generation 
backup  and  restore  solution  providing  comprehensive,  cost  effective 
protection  for  Microsoft  Windows  server  environments.  A  web-based 
administration  console  and  new  graphical  user  interface  with  easy-to-use 
wizards  simplify  installation  and  enhance  manageability.  High  performance 
agents  and  options  deliver  flexibility  to  help  protect  data  quickly 
and  reliably. 


VERITAS 


Product  Highlights 

•  Fastest  Exchange  Server  Backup  &  Restore 

•  First  to  Leverage  Windows  Server  2003  Technology 

•  First  Anywhere  Internet  Interface 

•  Windows  Web-based  Interface 

•  Fastest,  Simplest  Installation  for  Windows  Data  Protection  -  From  Shelf  to 
Backup  in  10  minutes 

Go  to  www.veritas.com/be90eval_sc  to  receive  a  FREE  evaluation  copy 


E08339  Backup  Exec  I !9  WIN  Server  Edition  CD  ROM 

El  01 07  Backup  Exec  V9  WIN  Server  Edition  License 

E09541  Backup  Exec  1/9  WIN  Server  Edition  License  w/  lyr  maintenance 


C? 


Volume  Licensing"''. 
Available  QV 


$552.00 

$537.00 

$660.00 


^  A 

HP  Proliant  ML530  G2  Xeon  3GHZ  Rack 

The  ProLiant  ML530  Generation  2  is  a  high-performance  2-way  server  that  delivers 
industry-leading  expansion  and  availability  features.  ProLiant  engineering  and  design 
expertise  optimize  system  resources  for  intensive  data  center  and  remote  office 
environments.  Processor,  memory,  and  I/O  subsystems  combine  to  provide  unbeatable 
price/performance  for  database  engines  or  server  consolidation  efforts. 

•  For  maximum  internal  storage  and  I/O  flexibility 

•  For  remote  and  branch  offices  to  data  centers 

Compaq  Tablet  PC  TCI 000 

New  definition  of  mobility  and  versatility,  an  innovative  form  factor  offering 
unprecedented  mobility  and  versatility  for  business  computing.  Compaq  Tablet  PC 
TCI  000  weighs  in  at  just  3.0  pounds. 


n  v  e  n  t 


•  integrated  wireless  LAN  maximizes  mobility 

•  removable  keyboard  provides  the  ability  to  change  from  tablet  mode  to  notebook  PC  mode  with  the  flip  of  a  switch 

•  innovative  mobile  keyboard  that  detaches 

•  innovative,  flexible  docking  system  to  quickly  expand  usability  and  does  not  require  synchronization 

•  innovative  docking  station  supports  easy  transitions  with  multi-monitor  docking  profiles 


E6821 3  Proliant  ML530  G2  Xeon  3GHZ  Rack 

E68215  Proliant  ML530  G2  Xeon  3GHZ  Tower 

E84887  Proliant  ML530  G2  1GB  CDR  Net 

D62029  Compaq  TCIOOOTCrusoe  1.0GHZ  30GB  256MB  Lan  WXPT 

D61963  Compaq  TCIOOOTCrusoe  1.0GHZ30GB  256MB  Lan/W-Lan  WXPT 

D83278  Compaq  TCIOOOTCrusoe  1.0GHZ  Tablet  PC  60GB  512MB  10.4"  Lan  WXPT 


$5,700.00 

$5,350.00 

$4,341.00 

*$1,700.00 

*$2,000.00 

*$2,300.00 


■ promotional  pricing  available  until  July  31, 2003 


Deploying  software  across  a  few  computers,  or  several  thousand?  Softchoice 
will  find  the  licensing  option  that  gives  you  the  greatest  return  on  your  investment. 


■ 


■ 


— 


Keep  your  projects  on  track  with  the  Enterprise  Project 
Management  solution  from  Microsoft.  Consider  how  fragile  the 
chain  of  information  really  is,  especially  if  you  rely  on  status  meet¬ 
ings.  But  imagine  if  everything  you  needed  to  know  to  keep  your 
projects  on  time,  on  budget  and  using  the  right  people  was  avail¬ 
able  at  your  fingertips?  Imagine  if  you  could  centrally  man¬ 
age  projects,  test  scenarios  and  re-allocate  resources  with  a  few 
well-placed  clicks?  Imagine  if  you  had  control  over  the  entire 
process.  Well,  stop  imagining  because  you  can  do  all  that  with  the 
Enterprise  Project  Management  solution  from  Microsoft. 


Starwood  Hotels  and  Resorts  checks  in.  “Our  Microsoft  Enterprise 
Project  Management  solution  has  greatly  enhanced  our  planning 
efficiency  and  project  monitoring,"  remarks  Gustaf  Burman,  IT 
Project  Manager  at  Starwood  Hotels  and  Resorts  EAME.  “Because 
all  information  related  to  the  scope  and  cost  of  each  project  is 
now  centralized,  managers  have  a  much  better  overview  of 
activities."  Web-based  information  sharing.  Teams  can  share  and 
access  project  information  virtually  anywhere  through  a  simple 
web  browser.  To  learn  more,  call  Softchoice  at  1.877.967.3737  or  visit 
www.softchoice.com/microsoft/project 


SOFTWARE  FOR  THE  AGILE  BUSINESS 


©2003  Microsoft  Corporation.  All  riQhts  reserved.  Microsoft  Is  either  a  registered  trademark  or  trademark  of  Microsoft  Corporation  in  the  United  States  and/or  other  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademark  of  their  respective  owners. 
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Microsoft 


h  Microsoft 

=5=  Visio 

Professional 


Show  them  what  you’re  saying. 

Microsoft  Visio  allows  you  to  quickly  and  easily  organize  your  ideas  and 
present  a  clear-cut  plan  of  action. 

Create  crystal-clear  flowcharts,  timelines,  organizational  charts,  even  detailed 
floor  plans,  all  in  an  intuitively  designed,  easy-to-use  program.  With  Visio  your 
ideas  become  easily  understood  solutions.  And  with  flexibility  to  save  Visio 
diagrams  as  Web  pages  or  to  use  them  in  Microsoft  Office  documents  and 
e-mail,  you  can  get  your  point  across  just  about  any  way  you  choose. 


Microsoft- 


Visio 

Professional 


The  Microsoft  Office  Business  and  Technical 
Diagramming  Solution 


939440  Microsoft  Visio  Professional  Edition  CD  ROM 
939444  Microsoft  Visio  Professional  Edition  Upgrade  CD  ROM 


Volume  Licensing  $496.00 
$249.00 


C Volume  Licensing'^ 
Available~__^^ 


Software  Assurance. 
Be  assured. 


Microsoft® 

Softwa  re  Assurance 


for  Volume  Licensing 


Microsoft  announced  the  addition  of  new  benefits  to  the 
Software  Assurance  program  that  will  be  available  to  you  in 
addition  to  the  benefits  you  already  receive. 

What  Software  Assurance  Can  Do  for  Your  Organization's  Productivity 

Run  new  versions  of  licensed  software  as  they  become  available  during  the  term  of 
your  agreement  and  choose  to  spread  out  payments  annually. 

Support  and  Tools 

Deploy  and  use  software  efficiently  with  help  from  Microsoft  support  professionals, 
resources,  tools  and  Problem  Resolution  Support  that  can  help  keep  business 
systems  running  smoothly. 

Training 

Bring  employees  up  to  speed  quickly  on  new  products,  and  keep  IT  professionals 
up-to-date  on  the  latest  technical  information  with  many  levels  of  instructor-led  and 
eLearning  courses. 

Take  advantage  of  Software  Assurance  with  Softchoice 

Visit  us  at 

http://www.softchoice.com/microsoft/softwareassurance 
to  learn  more! 


Microsoft 


Don’t  miss  your  chance  to  win  an  HP  IPAQ! 


softchoice 


1.877.967.3737 


Get  Maximum 
System  Uptime 
and  Reliability 
-  Fast! 

Diskeeper*  7.0 
Second  Edition. 

The  “Set  It  and  Forget  It”® 
disk  defragmenter  for 
Windows® 


System  crashes,  blue  screens  and  slow  file  access  can 
all  be  symptoms  of  excessive  fragmentation.  Diskeeper 
7.0  Second  Edition  automatically  eliminates 
fragmentation  and  routinely  increases  system 
performance  and  reliability. 

Buy  Diskeeper  today! 


4r?B£ 


A92002  Diskeeper  7  WIN  CD  ROM  $48.00 

A92006  Diskeeper  7  WIN  5  User  CD  ROM  $227.00  J 


Service  Pack 
Manager 
2000  " 


Pinpoint, 
predict  and 
prevent  network 
problems  quickly  with 
Observer® 


This  network  monitor  and  protocol  analyzer  for 
Ethernet  (10/100/Gigabit)  and  Wireless  802.1  la/b/g 
provides  metrics,  capture  and  trending  for  both 
shared  and  switched  environments.  Fully  distributed 
with  software- based  probes. 


INSTRUMENTS 


A91667  Observer  Suite  V8  CD  ROM 


$3,973.00 


Pervasive.SQL 


Network  Security  Patch  Management  Tool 

•  Patches  Security  holes  in  NT/2000/XP/2003, 

IIS,  Exchange,  SQL,  ISA,  IE,  and  more 

•  Patch  Research  and  Automated  Inventory 

•  Network  Discovery 

•  Automatic  Network  Security  Scanning 

•  Scheduled  Service  Pack  or  Hotfix  installation 


B8731 6  50  User  E  Download  $1 ,055.00 

B87364  50  User  Maintenance  $295.00 


Pervasive.SQL  combines  performance,  embed- 
ability  and  low  administration  cost  in  a  powerful, 
flexible  and  scalable  engine,  and  delivers  industry 
standard  data  access  methods  and  seamless 
application  integration. 


peiVasive 


E02551  1 0  User  V8  CD  ROM  For  NT  $1,168.00 

E02532  10  User  V8  CD  ROM  for  Netware  $1 ,1 68.00 

E02509  1 0  User  V8  CD  ROM  for  Linux  $1 ,1 68.00 


02003  Micfosotl  Cotporalioft  All  rights  reserved,  fcfoosot  iseithd  a  registered  trademark  or  trademart  ol  Mtcrosofl  CorporaOon  in  the  United  States  and/w  other  countries _ _ 
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Tired  of  spending  time  in 
unproductive  meetings? 


indfet 


Visual  Thinking 


Call  Softchoice  today  at  1.877.967.3737 
or  visit  www.softchoice.com. 


version  2002 


Introducing  a  more  effective  way  to  electronically  capture,  organize  and 
communicate  information  and  ideas.  As  the  digital  alternative  to  whiteboards, 
flip  charts  and  notepads,  MindManager  increases  productivity  through  faster 
understanding,  better  decisions  and  reduced  meeting  time. 

►  Eliminate  2  out  of  every  3  meetings 

►  Move  projects  from  brainstorming  and  planning  into  implementation  20%  faster 

►  Increase  project  success  rates  by  20%  or  more 

MindManager  seamlessly  integrates  with  Microsoft®  Project  and  Microsoft  Office  Suite 
to  quickly  publish  the  results  of  group  meetings  and  jump-start  business  projects. 


D 84405  MindManager  2002  Enterprise  Edition  CDROM 
F59857  MindManager  2002  For  Tablet  PC  (ENT)  Single  User  CDROM 
B61 728  MindManager  2002  Business  Edition 
F53400  MindManager  2002  For  Tablet  PC  Business  Edition 


$249.00 

$249.00 

$175.00 

$175.00 


GETTING  A  DOCUMENT 
FROM  ANYONE  IN  THE  COMPANY 
SHOULD  BE  THIS  EASY. 


Put  your  information  to  work  with  intranets  and  portals  solu¬ 
tions  from  Microsoft.  It  brings  organization  and  purpose  to 
information  within  your  company  that  resides  on  a  network.  To 
learn  more  about  our  intranet  and  portal  solutions,  please 
visit  www.softchoice.com/microsoft/sharepoint  or  call 
Softchoice  at  1.877.967.3737. 
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softchoice 


1.877.967.3737 


Adobe®  Acrobat®  6.0 
Professional 

Adobe 
Acrobat6.o 

Professional 

Advanced  control  over  document  exchange  and  output 


W. 


Adobe 


Adobe®  Acrobat®  6.0  Professional  software  provides  robust  new  tools  to 
enable  business,  creative,  and  engineering  professionals  to  reliably  and 
efficiently  exchange  graphically  complex  documents. 

Convert  any  document  to  Adobe  Portable  Document  Format  (PDF)  files  with  one  button  click: 
from  Microsoft  Office,  Internet  Explorer  and  Microsoft  Project,  as  well  as  from  Microsoft  Visio 
and  AutoCAD,  while  preserving  document  layers.  Now  combine  multiple  documents,  including 
large-format  technical  drawings  and  page  layouts,  into  one  compact  Adobe  PDF  file  in  a  single 
step,  and  automatically  initiate  and  manage  reviews  using  new  electronic  tools.  Create  forms 
that  can  be  exchanged  with  colleagues  and  customers. 


E72108  Acrobat  Professional  WIN  CD  ROM 
E72107  Acrobat  Professional  MAC  CD  ROM 
E721 10  Acrobat  Professional  WIN  UPGRADE  CD  ROM 
E721 09  Acrobat  Professional  MAC  UPGRADE  CD  ROM 


$448.00 

$448.00 

$150.00 

$150.00 


Don’t  miss  your  chance  to  win  an  HP  IPAQ! 


See  better  collaboration 
See  faster  decisions. 
See  lower  costs . 


From  the  leader  in  collaboration,  a  new  way  to  do  business  that  increases  responsiveness  and  simplifies 
access  to  people,  information  and  processes,  Lotus  Workplace  delivers  wide-scale  collaboration  for  everyone 
in  your  workforce:  Openly,  Flexibly.  Affordably.  With  business  results  on  demand.  To  learn  more  about  the 
first  Workplace  offering,  see  our  demo  of  Lotus  Workplace  Messaging™  at  ibm.com/lotus/seeworkplace 
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Leading  security  resellers  get  that  way  by  selling  leading  security  products. 


Introducing  Symantec  Client  Security.  These  days  your  customers  face  attacks  that  are  more  invasive  and  destructive 
than  ever  before.  Blended  threats  like  Nimda  and  Code  Red  can  infect  a  company  via  the  Internet,  laptops,  portable 
media,  even  PDAs.  Once  inside  they  can  erase  data,  disrupt  business  and  damage  a  client’s  greatest  asset:  its  reputation. 

Symantec "  Client  Security,  the  world’s  first  fully-integrated  client  security  solution,  combines  the  critical  tools — intrusion 
detection,  client  firewall  and  virus  protection — into  a  powerful,  cohesive  defense.  It's  just  one  part  of  a  comprehensive 
solution  that,  along  with  our  award-winning  partner  program,  gives  you  the  tools  you  need  to  become  your  customers' 
most  trusted  ally.  To  learn  more,  visit  www.softchoice.com/spotlight/symantecinfo.  Or  call  Softchoice  at  1.877.967.3737 
to  find  out  how  you  can  upgrade  customers  from  their  current  desktop  antivirus  solution. 

softchoice  ^  Symantec. 
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I.T.  Asset  Management 

with  Zero  Strain 


.On  your  Resources 

No  databases  to  deploy, 
servers  to  install  or  software 
to  configure;  Livelnventory 
lets  you  start  NOW! 


...On  your  Infrastructure 

Unlike  other  applications  that  can  only  inventory  LAN-based 
PCs,  Livelnventory  is  topology  transparent,  allowing  you  to 
inventory  all  of  your  mobile  workforce,  remote  branch  offices, 
and  LAN  PCs  at  the  speed  of  an  email. 


...On  your  End-Users 

Livelnventory  doesn't 
require  end-user  participation; 
it  completes  a  PC  inventory 
in  less  than  5  seconds. 


3-way  Integrated  Inventory  Technology 

Capture  ALL  PC  inventory,  regardless  of  location 


Email-AssetAgent 

Send  an  email-AssetPulse  to  inventory 

your  remote/foreign  offices  mobile/at  home  users 


LAN-AssetAgent 

For  LAN  users  with  restricted 
or  no  Web  or  Email  access 


*  m 


Email-AssetAgent 
jw  is  less  than  200Kb 
'one-time'  download 


DIsk-AssetAgent 


Identify  connected 
peripherals  such  as: 

Network  Printers 
Local  Printers 
PDAs 

Data  Devices 


Inventory  userless  PC's, 
secure  servers  with  no 
LAN  or  Web  access 
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Quickly  Determine: 

•  Software  License  Compliance 

•  PC  Replacement  Forecasting 

•  Security  Vulnerabilities 

•  XP  Migration  Cost  Analysis 

•  Software  Usage  Analysis 


softchoice 


Livelnventory 


"...[Livelnventory]  is  a  phenomenal  service.  The  depth  and  scope 
of  analysis  are  tremendous  and  the  presentation  is  first  rate." 

-  Mark  Gibbs,  Network  World 


Take  control  of  your  IT  Asset  Management  and  start  analyzing  today. 
For  a  free  7-day/25  node  trial  visit 


www.softchoice.com/liveinventory 


Achieve  greater  productivity  with  desktop  standardization  from  Microsoft. 


Finally,  standardization  as  defined  by  you. 


Now  there's  a  way  to  get  the  desktop  standardization  you’ve  always 
wanted...and  overcome  the  productivity  barriers  of  multiple  operating 
systems,  incompatible  productivity  suites,  and  different  hardware. 

Desktop  standardization  with  Microsoft®  Windows®  XP  and 
Office  XP  Professional  can  help  your  organization’s  desktops  become 
more  dependable  and  easier  to  manage,  while  providing  security, 
reliability,  mobility  and  collaboration  benefits  that  will  make  you  more 
productive.  And  it  all  starts  with  putting  more  control-and  more 
flexibility— directly  into  your  hands. 

With  Microsoft’s  new  Open  License  Value  Company-wide  Option, 
standardization  doesn't  have  to  be  all  or  nothing.  Licensing  costs  are 
spread  out  over  three  years,  so  you  can  deploy  upgrades  at  your  own 
pace.  You  can  easily  acquire  licenses  to  use  Microsoft  Windows  XP 
Professional  and/or  Office  XP  on  all  of  your  company’s  PCs-and  enjoy 
substantial  savings  over  other  Microsoft  Volume  Licensing  plans. 


Open  License  Value  Company-wide  includes  Software  Assurance,  so  you 
automatically  have  the  licensing  rights  to  deploy  new  versions  of 
Windows  and/or  Office  software  as  they  are  released  throughout  the 
term  of  your  agreement.  Plus,  your  IT  team  can  access  valuable 
resources  to  help  make  deployment  faster,  easier,  and  smoother. 
Windows  XP  Professional  and  Office  XP  offer  built-in  tools,  such  as 
expanded  help  features,  the  ability  to  save  and  migrate  settings,  and 
interactive  online  training. 

To  find  out  more  about  how  desktop  standardization  can  provide  you 
with  greater  flexibility,  lower  costs,  better  compatibility,  and  higher 
productivity,  visit  www.softchoice.com/microsoft/desktop  or  contact 
Softchoice  at  1.877.967.3737  today. 
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is  up  only  4%,  according  to  a  Confer¬ 
ence  Board  survey  of  more  than  300 
large  corporations.  That’s  hardly 
enough  to  fund  large-scale  infrastruc¬ 
ture  projects. 

As  a  result  of  its  experimenting  with 
various  technologies  —  for  example, 
exploring  the  unlicensed  portion  of  the 
wireless  spectrum  —  the  DHS  may 
open  new  areas  for  commercial  appli¬ 
cation  of  wireless  mobile  technologies. 

There’s  no  estimate  as  to  how  much 
of  the  department’s  $36  billion  annual 
budget  is  earmarked  for  wireless  and 
mobile.  But  with  both  the  government 
and  Chantilly,  Va.-based  research  firm 
Input  expecting  federal  IT  spending  to 
grow  at  a  compound  annual  rate  of 
8.5%  to  reach  $68.2  billion  in  2008,  it’s 
certain  that  money  is  available  for 
wireless  security  projects. 

The  DHS  is  also  incorporating 
lessons  learned  from  the  private  sector 
—  for  example,  relying  more  on  indus¬ 
try  standards  and  outsourcing  up  to 
75%  of  its  projects. 

While  the  department’s  mission  is  to 
safeguard  the  mobile  and  wireless  in¬ 
frastructure,  in  the  process  it  is  also 
priming  the  pump  of  the  digital  econo¬ 
my.  And  that’s  something  we  need  as 
much  as  a  security  strategy.  ft 

GREG  PAPADOPOULOS 

The  Future 
In  Bits 

I  LOOK  AT  everyday  objects 
differently  now,  and  you 
will  too  when  you  realize 
that  bits  —  the  binary  digits 
of  electronic  data  —  are  start¬ 
ing  to  show  up  in  the  most 
unexpected  places. 

We  are  now  able  to  make  sensors 
and  radio-frequency  tags  so  small  that 
we  can  put  them  into  anything:  light 
bulbs,  milk  cartons,  sprinkler  systems 
and  building  materials. 

Call  it  “bitmass”  —  bits  increasingly 
intertwined  with  atoms  to  make  the 
digital  equivalent  of  biomass.  It’s  going 
to  change  the  texture  of  our  world. 

Consider  the  heat  tiles  on  the  under¬ 
belly  of  NASA’s  space  shuttles.  I  look  at 
them  and  imagine  bits  in  the  tiles.  The 
shuttle  could  then  become  much  more 
self-aware  —  it  would  notice,  for  exam¬ 
ple,  if  one  of  the  tiles  was  missing.  And 
if  tragedy  occurred,  we  could  piece  to¬ 
gether  answers  by  asking  the  pieces 
what  happened  to  them. 


Structures  could  be  made 
aware  of  their  parameters 
and  keep  track  of  their  own 
conditions  over  time.  Imag¬ 
ine  asking  your  house, 

“Were  you  hurt  in  yester¬ 
day’s  earthquake?” 

It  sounds  like  science  fic¬ 
tion,  but  it’s  not.  We’ve  al¬ 
ready  done  the  electronic 
materials  engineering.  Now 
we’re  starting  to  interweave 
small  amounts  of  computing 
and  storage  into  a  range  of 
materials  and  objects. 

For  example,  razor  blades  will  be 
among  the  first  products  we  track  as 
they  move  through  the  supply  chain, 
thanks  to  tiny  radio-frequency  identifi¬ 
cation  (RFID)  tags  that  now  cost  only  a 
few  cents  to  make.  This  technology  can 
help  companies  reduce  “shrinkage” 

(the  term  used  when  a  product  goes 
missing)  and  much  more. 

Think  about  all  the  time  you  waste 


in  stores  or  at  home  just 
looking  for  things.  RFID 
tags  can  respond  to  radio 
waves  and  say,  “Here  I  am!” 
Put  them  on  cartons  of 
milk  or  prescription  medi¬ 
cines,  and  they’ll  be  able  to 
tell  us  much  more  —  like 
whether  temperature  fluc¬ 
tuations  during  transit  have 
affected  their  freshness  or 
potency. 

Bitmass  will  also  acceler¬ 
ate  an  extremely  useful  de¬ 
sign  trend  I  call  “infradestructuring,” 
which  involves  separating  structure 
and  control  to  create  a  more  flexible 
infrastructure. 

Take  lawn  sprinklers.  My  new  house 
has  a  sprinkler  system  with  five  dif¬ 
ferent  controllers  of  different  genera¬ 
tions,  and  I  can’t  figure  out  how  any 
of  them  work.  So  I’ve  got  all  kinds  of 
problems  —  this  head  puts  out  too 
much  water,  that  one  not  enough.  I 


want  to  put  them  on  different  cycles, 
but  I  can’t  do  that  unless  I  tear  up  the 
ground  and  replumb  everything. 

Now  imagine  a  sprinkler  head  with 
bitmass.  It  might  have  a  moisture/pH 
sensor  probe  and  a  network-address- 
able  T-valve  that  lets  you  redirect  the 
flow  of  water.  You  would  be  able  to  as¬ 
sociate  any  sort  of  watering  require¬ 
ment  with  any  head. 

That’s  because  bitmass  enables  us  to 
teach  individual  items  what  we  want 
from  them  —  and  reteach  them  when 
our  needs  change.  In  other  words,  we’ll 
be  able  to  change  the  way  things  work, 
without  having  to  take  them  apart  and 
rebuild  them. 

Once  you  realize  bitmass’s  possibili¬ 
ties,  you  will  start  to  look  at  the  things 
around  you  very  differently.  Light 
switches,  stereo  speakers,  packages 
you  send  through  the  mail  —  all  kinds 
of  objects  take  on  new  properties. 

In  fact,  it  won’t  be  long  before  you 
wake  up  every  day  and  smell  the  bits!  ft 
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Hire  the  Laid  Off 
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S  ABUSE  of  the  H-1B  visa  so  ac¬ 
ceptable  now  that  John  Chen, 
the  CEO  of  Sybase,  can  make  the 
following  quote  without  blinking? 
“I’m  a  supporter  of  the  H-1B  visa 
because  most  of  the  H-1B  visa 
holders  are  people  we've  trained  in 
the  U.S.”  [“Sybase  CEO  Decries 
SCO  ‘Garbage,’  Oracle’s  Behavior,” 
QuickLink  39306].  This  visa  was 
meant  to  bring  into  our  country  ex¬ 
ceptionally  skilled  foreign  workers 
to  fill  a  temporary  need. 

Sybase  admits  that  it  wants  for¬ 
eign  workers  here  on  a  permanent 
basis.  There  is  only  one  reason  why 
they  would  do  this:  cheap  labor. 

And  our  government  lets  them  get 
away  with  it. 

Why  not  instead  hire  the  hun¬ 
dreds  of  thousands  of  skilled,  per¬ 
manently  laid-off  U.S.  workers  who 
have  lost  their  jobs  because  of  the 


H-1B  and  L-1  visas,  and  really  bene¬ 
fit  the  U.S.? 

Linda  Kilcrease 

Dover,  N.J. 

An  Offshore  View 

After  more  than  40  years 

in  IT  on  two  continents,  I  find  it 
ironic  that  there  is  growing  concern 
in  the  U.S.  IT  industry  regarding  off¬ 
shore  outsourcing. 

For  many  years,  those  of  us 
working  outside  the  U.S.  have  had 
to  outsource  offshore.  In  our  case, 
it  was  the  necessity  of  purchasing 
operating  systems,  ERP  and  allied 
system  software  from  U.S.  suppli¬ 
ers.  We  learned  to  live  with  poorly 
performing  code  and  unredeem¬ 
able  warranties. 

I  do  not  wish  to  unfairly  burden 
all  U.S.  software  companies  with 
this  criticism,  but  all  too  often  we 
pay  far  above  both  the  value  and 


Protecting  Jobs  in  a 

ALTHOUGH  the  IT  offshore  out¬ 
sourcing  situation  causes 
angst,  I  am  a  firm  believer  in  the 
free  market.  And  I  realize  that  we 
wound  up  in  this  mess  following  the 
escalation  of  IT  labor  costs  in  the 
'90s  and  that  the  U.S.  IT  labor  force 
is  shrinking  ["Offshore’s  Rise  Is  Re¬ 
lentless,”  QuickLink  39516],  How¬ 
ever,  companies  that  use  offshore 
services  should  be  forced  to  reveal 


Free  Market 

that  information  in  their  annual  re¬ 
ports.  This  would  be  similar  to  the 
information  about  the  origins  of  ve¬ 
hicle  parts  provided  by  automakers. 
Moreover,  U.S.  defense  contractors 
shouldn’t  be  allowed  to  use  off¬ 
shore  resources,  since  that  results 
in  increased  government  costs  for 
unemployment  compensation. 

Jim  R.  Reeves 
IT  manager,  Barrington,  III. 


cost  of  the  product  in  real,  local 
terms.  I,  for  one,  applaud  efforts  by 
outsourcers  and  other  suppliers  to 
reduce  costs  no  matter  their  loca¬ 
tion.  I  challenge  the  complainers  to 
improve  either  their  productivity 
and/or  their  quality  to  differentiate 
their  products  sufficiently  for  me  to 
willingly  pay  up  to  300%  more. 
When  this  happens,  we  will  know 
that  a  functioning  democratic  and 
capitalistic  society  is  in  existence. 
Ian  Simpson 
Systems  auditor, 

Sherwood  Park,  Alberta 

Measuring  Service 

I  READ  WITH  GREAT  INTEREST 

Thomas  Hoffman’s  June  23  arti¬ 
cle  “Outsourcers:  Do  They  Mea¬ 
sure  Up?”  [QuickLink  39030], 
Most  interesting  were  the  state¬ 
ments  made  by  Cathy  Brune,  CTO 
at  Allstate,  and  Rod  Hall,  vice  pres¬ 
ident  of  a  services  company. 

As  an  ex-CIO,  I  strongly  support 
Brune’s  contention  that  in  longer- 
term  service  agreements,  the  abili¬ 
ty  to  test  the  ongoing  fairness  of 
your  deal  is  vital.  To  Hall’s  con¬ 
tention  that  benchmarking  (period¬ 
ic  snapshots  of  performance)  is 
less  fair  to  the  services  provider 
than  baselining  (comparisons 
based  on  the  full  term  of  the  con¬ 
tract),  I  had  to  ask,  “Whose  fault 
is  that?” 

Hall  admits  that  services  deals 


are  commonly  structured  to  show 
immediate  value  to  the  client  by 
keeping  costs  artificially  low  up¬ 
front.  Thus,  any  benchmark  com¬ 
parisons  performed  late  in  the  con¬ 
tract  term  will  likely  show  the  ser¬ 
vice  providers  to  be  much  more 
costly,  and  accordingly,  any  re¬ 
quired  price  drops  imposed  by 
those  tests  would  be  unfair.  His  an¬ 
swer  in  effect  is  to  do  comparisons 
after  the  contract  period  is  over. 

Is  that  good  for  the  provider? 

Of  course.  Is  it  equally  good  for  the 
client?  Hardly.  Maybe  the  best  solu¬ 
tion  for  the  client  is  baseline  pricing. 
With  that  approach,  benchmarking 
at  any  point  provides  a  much  clear¬ 
er  picture  of  the  actual  level  of  ven¬ 
dor  performance. 

Bruce  Barnes 
President  and  CEO,  Bold 
Vision  LLC,  Dublin,  Ohio, 
bbarnes@bold-vision.com 

COMPUTERWORLD  welcomes 
comments  from  its  readers.  Letters 
will  be  edited  for  brevity  and  clarity. 
They  should  be  addressed  to  Jamie 
Eckle,  letters  editor,  Computerworld, 
P0  Box  9171, 500  Old  Connecticut 
Path,  Framingham,  Mass.  01701. 
Fax:(508)879-4843. 

E-mail:  letters@computerworld.com. 
Include  an  address  and  phone  num¬ 
ber  for  immediate  verification. 

OFor  more  letters  on  these  and 
other  topics,  go  to 

www.computerworld.com/letters 
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We  want  network  intelligence. 

Together,  from  one  company. 


MCI. 


An  MCI  VPN  has  intelligence  built  right  in.  It  gives  you  the  power  to 
blend  private  and  public  networks  securely  and  seamlessly,  so  you  can 
add  capabilities  like  remote  access  without  investing  in  an  entirely  new 
infrastructure.  Whether  you  manage  your  VPN  or  MCI  does,  you  can 
always  access  our  extraordinary  range  of  cost-effective  services  and 
technology.  Together,  we  can  expand  your  network  capabilities  the  only 
way  we  know  how:  intelligently.  To  get  your  MCI  VPN  solution  now, 
call  1  888  886  3844  or  go  to  www.mci.com/go/online/vpn 


OPINION 

Another  Front  in  the 
Standards  Wars 

The  CPU  in  your  computer  is  where 
the  real  action  takes  place,  and  CPU 
standards  would  maximize  computing 
performance,  says  Nicholas  Petreley. 

Page  36 


CASE  STUDY 

Boehringer  Cures 
Slow  Reporting 

The  pharmaceutical  giant  has 
installed  an  SAP/Cognos  system 
to  speed  its  financial  reporting 
and  ensure  it  can  keep  up  with 
the  competition.  Page  30 


Plugging  Storage 
Security  Holes 

Storage  systems  have  never  been 
designed  for  security.  SAN  and 
NAS  deployments  each  have 
their  own  vulnerabilities,  but 
there  are  ways  to  protect  them. 
Page  31 
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■  PC  DESIGN 

The  Shape  of 
Things  to  Come? 

One  of  the  more  intriguing  aspects  of  PCI 
Express  is  the  flexibility  it  gives  manufac¬ 
turers  in  redesigning  the  traditional  PC 
box.  With  fewer  circuits  to  design  onto 
the  motherboard,  a  IX  PCI  Express  slot 
less  than  3  in.  long  and  Newcard  connec¬ 
tors  (which  replace  today's  PC  Card  slots) 
just  1.3  in.  wide,  vendors  are  experiment¬ 
ing  with  compact  desktop  designs  that 
shed  the  traditional  rectangular  box  shape 
without  sacrificing  expandability. 

Hewlett-Packard’s  Chuck  Stancil  says 
the  space-saving  Newcard  slots  could  be¬ 
come  more  common  in  desktops  because 
they’re  less  expensive  to  integrate  than 
today’s  PC  Cards,  which  have  found  a 
home  mostly  in  laptops. 

It’s  not  just  the  shape  of  the  PC  that 
may  change,  manufacturers  say.  The  tradi¬ 
tional  PC  itself  could  disaggregate  into  a 
partitioned  system  that  places  noise-  and 
heat-generating  components  away  from 
the  user  while  leaving  the  display,  key¬ 
board,  mouse  and  removable  storage  on 
the  desktop.  “It’s  a  serial  technology  that 
allows  potentially  split-system  concepts,” 
says  PCI-SIG  Chairman  Tony  Pierce. 

HP  recently  showed  a  prototype,  co¬ 
developed  with  Microsoft  Corp.,  called  the 
Athens  PC.  That  unit  uses  another  high- 


The  typical  IX  PCI  Exp  ess  slot 
for  desktop  PCs  will  be  1  in.  long 
vs.  3  in.  for  32-bit  PCI  slots, 
require  just  four  wires,  and 
deliver  more  than  twice  the 
bandwidth.  A  graphics  adapter 
card  (shown  in  the  fourth 
expansion  slot)  will  use  a  3.5-in. 
16X  slot.  Fewer  wires  means 
fewer  traces  are  needed  on  the 
motherboard,  allowing  for 
more  compact  designs. 
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speed  serial  technology,  USB  2.0,  as  the 
interconnect,  but  Stancil  says  HP  is  con¬ 
sidering  similar  types  of  designs  based  on 
PCI  Express.  And  HP  isn’t  the  only  vendor 
willing  to  experiment.  “It’s  something 
we’re  going  to  play  with,”  says  Brian 
Zucker,  technology  evangelist  at  Dell. 


Outlook:  PCI  Express 
stands  ready  to  remedy 
PCI  bus  bottlenecks, 
but  for  most  users, 
those  don’t  exist  yet. 

By  Robert  L  Mitchell 

AS  PC  MICROPROCESSORS  pass 
the  3-GHz  clock-speed  mark 
and  Gigabit  Ethernet  begins 
its  move  onto  the  corporate 
desktop,  it’s  easy  to  forget 
that  the  typical  expansion  bus  in  desk¬ 
tops  sold  today  still  runs  on  11-year-old 
technology. 

The  32-bit,  33-MHz  Peripheral  Com¬ 
ponent  Interconnect  (PCI)  bus  specifi¬ 
cation,  which  debuted  in  1992,  remains 
the  standard. 
PCI  supports  an 
aggregate  band¬ 
width  of  just 
133MB/sec. 
(lGbit/sec.),  and  that  bandwidth  must 
be  shared  among  all  devices  on  its 
multidrop  bus.  “I/O  has  moved  at  an 
anemic  pace,”  says  Tom  Bradicich, 
chief  technology  officer  for  IBM’s 
xSeries  server  line. 

An  emerging  I/O  standard,  PCI  Ex¬ 
press,  is  about  to  speed  things  up.  The 
current  specification,  supported  by  the 
PCI-SIG  vendor  consortium  and  pro¬ 
moted  heavily  by  Intel  Corp.,  succeeds 
PCI’s  parallel  bus  design  with  a  high¬ 
speed,  point-to-point  serial  interconnect 
technology  that  Intel  and  others  say 
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will  be  both  faster  and  more  reliable.  It 
will  deliver  an  aggregate  bandwidth 
ranging  from  5Gbit/sec.  (500MB/sec.) 
to  160Gbit/sec.  (16GB/sec.).  And  be¬ 
cause  it’s  serial,  the  technology  will 
work  more  efficiently  with  other 
emerging  high-speed  serial  technolo¬ 
gies  such  as  Serial  ATA  and  InfiniBand. 
It  will  also  offer  hot-plug  and  hot-swap 
support  and  enable  direct  peer-to-peer 
communication  between  attached  de¬ 
vices  without  involving  the  processor 
chip  set  (see  diagram  on  page  26). 

But  PCI-SIG  isn’t  just  promoting 
PCI  Express  as  a  desktop  PCI  expan¬ 
sion  bus  replacement.  The  consortium 
is  positioning  it  as  a  general-purpose 
I/O  technology  for  desktops,  worksta¬ 
tions  and  servers  that  will  also  speed 
internal  chip-to-chip  and  graphics 
adapters.  Intel  plans  to  release  a  PCI 
Express  chip  set  for  servers,  code- 
named  Lindenhurst,  early  next  year, 
with  a  PC  chip  set  to  quickly  follow. 

On  the  desktop,  the  first  PCI  Express 
add-in  devices  are  likely  to  be  graphics 
chips  because  the  Accelerated  Graph¬ 
ics  Port  (AGP)  standard  has  run  out  of 
gas,  says  Jim  Pappas,  director  of  tech¬ 
nology  initiatives  for  Intel’s  enterprise 
platform  group.  “All  new  graphics  de¬ 
velopment  [beyond  AGP  8X]  is  being 
done  on  PCI  Express,”  he  says,  noting 
that  the  first  graphics  products  could 
be  available  by  early  next  year. 

Although  vendors  generally  view  a 
migration  to  serial  I/O  technology  as 
inevitable,  PCI  Express’  near-term 
prospects  beyond  high-end  graphics 
are  less  clear.  IT  managers  say  desk¬ 
tops  don’t  yet  need  the  extra  I/O  band¬ 
width.  “People  are  not  taxing  the 
equipment  they  have,”  says  Scott  New¬ 
ton,  director  of  IT  at  Otis  Spunkmeyer 
Inc.  in  San  Leandro,  Calif. 

PCI  Express  also  represents  a  funda¬ 
mental  technology  shift  in  that  its 
physical  interfaces,  which  include 
desktop  expansion  slots,  a  new  PC 
Card  format  (code-named  Newcard) 
and  Mini  PCI  Express  slots,  won’t  ac¬ 
cept  existing  PCI  devices. 

In  the  server  world,  where  I/O  band- 
Continued  on  page  26 
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HR  Standing  at  the  forefront 
of  the  Linux  revolution 


Linux  is  all  about  open  solutions. 
And  so  is  HP.  So  naturally,  HP  has 
emerged  as  the  worldwide  leader  in 
Linux  solutions.  By  focusing  on  the 
key  strength  of  Linux— open  system 
environments— HP  has  been  solving 
real  business  problems  for  more 
customers  than  anyone  for  18 
quarters  running.  With  HP  hardware, 
software  and  over  4,000  Linux 
service  experts  ready  to  serve  you,  it's 
easy  to  see  we're  the  Linux  leader. 
And  the  ones  you  should  call  to  make 
even  your  most  business-critical 
applications  easier  to  manage  at 
lower  costs.  Demand  more. 
Demand  HP  for  Linux. 


To  see  what  HP  and  Linux  can  do  for 
your  business,  try  our  TCO  calculator 
at  www.hp.com/go/demandlinux. 
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PCI  Bandwidth 
By  the  Numbers 

Users  comparing  throughput  numbers  for  PCI  Express  and 
PCI-X  may  find  the  experience  confusing.  That’s  because 
the  nature  of  the  two  architectures  makes  apples-to-apples 
comparisons  more  difficult. 

Since  Express  is  a  serial  technology,  designers  tend  to 
describe  bandwidth  in  bits  per  second.  In  contrast,  PCI  de¬ 
signers  describe  bandwidth  in  bytes  per  second.  And  even 
after  calculating  the  bit/byte  conversions,  the  bandwidth 
numbers  aren't  directly  comparable  because  the  ways  in 
which  the  two  technologies  transport  data  are  different. 

A  PCI  Express  design  transmits  data  over  a  set  of  two 
wires  at  a  base  signaling  rate  of  2.5Gbit/sec.  -  but  only  in 
one  direction.  A  complete,  full-duplex  PCI  Express  “lane" 
consists  of  four  wires,  for  an  aggregate  bandwidth  of 
5Gbit/sec.  Although  PCI-X  2.0  adds  bandwidth  by  increas¬ 
ing  the  clock  speed  to  double  data  rate  (DDR)  or  quad  data 
rate  (QDR),  system  designers  increase  the  bandwidth  of  a 
PCI  Express  slot  by  adding  lanes.  The  range  starts  with  a 
2.5/5Gbit/sec.,  one-lane  or  IX  (pronounced  “times  one”) 


Server-based  I/O  technologies  are  leading  the  charge 
in  higher  I/O  bandwidth  requirements.  Bottlenecks 
could  be  compounded  for  storage  and  networking 
technologies,  because  more  than  one  adapter  may  be 
used.  On  the  desktop,  graphics  technologies  with 
bandwidth  requirements  beyond  the  capacity  of  AGP 
8X  will  use  PCI  Express,  Mote:  All  bandwidth  num¬ 
bers  are  shown  in  Gbit/sec.  for  comparison  purposes. 


SOURCE:  SERVER  WORKS  INOr 


connection  all  the  way  up  to  an  8/16Gbit/sec.  32X  design. 
Initially,  desktop  expansion  slots  are  expected  to  range 
from  IX  to  4X;  servers  will  likely  range  from  4X  to  8X;  and 
graphics  will  run  off  16X  slots. 

So  while  PCI-X  2.0  supports  up  to  2GB/sec.  of  traffic  in 
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either  direction,  a  4X  Express  slot  supports  2GB,  but  only 
IGB/sec.  in  one  direction.  If  the  nature  of  the  I/O  is  unidi¬ 
rectional  -  say  read-only  access  to  a  serial-attached  stor¬ 
age  array  -  then  a  comparable  PCI  Express  device  would 
need  to  be  8X. 


Continued  from  page  23 
width  is  more  of  an  issue,  PCI  Express 
faces  competition  from  enhanced  ver¬ 
sions  of  the  PCI  bus  standard,  includ¬ 
ing  the  emerging,  2GB/sec.  PCI-X  2.0, 
due  out  later  this  year.  But  vendors  are 
split  on  whether  to  stay  on  the  PCI-X 
road  for  backward  compatibility  or  go 
directly  to  PCI  Express. 

“We  are  focused  on  PCI-X  2.0  in  the 
2004-2005  time  frame.  It  provides  im¬ 
provements  in  performance  and  back¬ 
ward  compatibility  for  investment  pro¬ 
tection,”  says  David  Heisey,  manager  of 
advanced  technology  at  Hewlett-Pack¬ 


ard  Co.  IBM’s  Bradicich  agrees  that  the 
current  PCI  specification  “does  not 
comprehend  the  requirements  for 
servers  in  the  enterprise.” 

But  Jimmy  Pike,  director  of  server 
architecture  at  Dell  Computer  Corp., 
says  his  company  plans  to  pass  on  PCI- 
X  2.0.  “Everybody  is  already  admitting 
that  there  is  some  reasonably  short  life 
to  the  stuff  they’re  putting  on  PCI-X 
2.0.  Your  investment  is  better  protect¬ 
ed  with  PCI  Express,”  he  says. 

The  issue  may  be  decided  by  chip-set 
makers,  since  the  use  of  PCI  Express  in¬ 
ternally  makes  deploying  the  technol¬ 


ogy  for  external  I/O  devices  easier. 

“Whoever  is  providing  the  chip  sets 
will  determine  whether  PCI  Express 
will  appear  in  systems,”  predicts  Bradi¬ 
cich.  Intel  dominates  the  desktop  mar¬ 
ket.  Santa  Clara,  Calif. -based  Server- 
Works  Inc.  has  the  lion’s  share  of  the 
server  market,  and  it  plans  to  focus  on 
PCI-X  2.0  chip  sets,  says  Virkam  Kar- 
vat,  director  of  marketing  at  the  Broad¬ 
com  Corp.  subsidiary.  He  doesn’t  ex¬ 
pect  to  see  PCI  Express  in  servers  until 
2005,  which  is  when  Bradicich  says  IBM 
plans  to  include  it  in  the  xSeries  line. 

Even  then,  PCI  isn’t  likely  to  go  away 
anytime  soon,  which  means  IT  will  be 
managing  yet  another  I/O  interface. 

Motherboard  of  Invention 

While  servers  have  adopted  faster  ver¬ 
sions  of  PCI,  most  desktop  vendors 
have  stayed  with  the  original  standard 
because,  outside  of  graphics,  desktops 
haven’t  been  I/O  bound. 

Once  users  need  the  bandwidth,  PCI 
Express  could  take  off  because  Intel’s 
dominance  in  PC  chip  sets  gives  it  the 
power  to  push  PCI  Express  into  the 
majority  of  desktops,  says  Bert  McCo- 
mas,  an  analyst  at  InQuest  Market  Re¬ 
search  in  Higley,  Ariz.  “Since  it’s  on  the 
motherboard,  [vendors  will]  wire  it  up 
to  a  slot  or  two  or  three,”  he  says. 

Chuck  Stancil,  a  technical  staff  mem¬ 
ber  in  HP’s  personal  systems  group, 
agrees  that  desktops  will  eventually  go 
to  PCI  Express.  The  question  is  when. 

PCI  Express  will  gain  a  foothold  in 


2004  by  replacing  the  AGP  graphics 
slot,  enabling  faster  high-end  graphics 
and  streaming  video  applications  on 
desktops.  But  its  use  for  general-pur¬ 
pose  I/O  could  be  much  further  out. 

Nathan  Brookwood,  an  analyst  at  In- 
sight64  in  Saratoga,  Calif.,  predicts  that 
other  high-performance  I/O  applica¬ 
tions  will  come  once  systems  are 
equipped  to  take  advantage  of  them. 
And  one  application  is  already  here. 
“Gigabit  Ethernet  really  can  saturate  a 
desktop  PCI  bus.  To  get  around  that, 
vendors  are  doing  all  sorts  of  funny,  ad 
hoc  solutions,”  Brookwood  says. 

Tony  Pierce,  chairman  of  PCI-SIG, 
says  he  expects  Gigabit  Ethernet  will 
become  standard  in  desktop  systems 
within  12  to  18  months,  which  could 
give  PCI  Express  some  momentum. 

The  technology  will  likely  phase  in 
slowly,  though.  “There  isn’t  a  com¬ 
pelling  reason  to  ditch  PCI  slots,  which 
are  dirt  cheap,”  and  replace  them  with 
PCI  Express,  says  Stancil.  And  though 
vendors  say  PCI  Express  ultimately 
will  be  less  expensive  to  deploy,  the 
need  to  support  both  PCI  and  PCI  Ex¬ 
press  means  that  early  hybrid  machines 
are  likely  to  be  more  costly.  Without  a 
compelling  need,  the  complexity,  com¬ 
patibility  and  cost  issues  could  leave 
many  organizations  on  the  sidelines.  I 

WHITHER  IMNIBAND? 

The  technology  may  have  found  its  niche: 
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PCI  Express,  designed 
as  a  general-purpose 
1/0  technology,  could 
replace  the  proprietary 
“mezzanine  bus” 
communication 
technologies  used  for 
internal,  chip-to-chip 
communications,  as 
well  as  AGF  tor 
graphic:  1/0  and  PCI  for 
expansion  cards.  For 
hard  disk  drive  1/0,  ATA 
techr  ogy  will  migrate 
to  its  own  s 
standard,  called  Serial 
ATA,  and  will  access  the 
1/0  hub  in  the  chip  set 
directly  [see  “Serial  ATA 
Takes  on  SCSI,” 
QuickLink  36976]. 
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We’ve  al  ays  made  your  applications  reliable.  Now  we  make  them  faster,  too 
VERITAS  a  quired  Precise  Soft  'are,  the  leader  in  application  performance 
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Visual  Studio  .NET  can  help  you  with  (nearly)  every  part  of  your  job.  Your  Web  applications  just  got  faster.  ASP.NET,  the 

Web  application  environment  in  Visual  Studio  .NET,  offers  dramatically  improved  performance  over  classic  ASP.  Here's  how: 
O  Compiled  Page  Execution  ASP.NET  pages  are  compiled  once  and  cached  in  memory  instead  of  being  interpreted  each  time 
the  page  is  requested.  B  Rich  Output  Caching  ASP.NET’s  caching  features  quickly  retrieve  database  queries,  full  pages  (or  parts 
of  pages:),  and  objects  from  memory  for  improved  app  performance.  B  Crash  Protection  Web  applications  can't  be  fast  if  they're 

m 

"Connect  tlnforfees  may  apply.  The  Nile  Application  Benchmark  is  a  Doculabs/Ziff  Davis  e-commerce  benchmark  that  represents  a  complete,  end  to-end.  e-commerce  application  with  realistic,  heavy  user  loads  placed  on  the  system  See 
msdn.microsoft.com/vstudio/trylt  for  complete  details.  2003  Microsoft  Corporation.  All  rights  reserved.  Microsoft,  the  .NET  logo.  Visual  Studio,  th*  Visual  Studio  'ugo.  and  W.i-.u  .....  o  m  iMdema.^  r ;  ■  u  ■■■  . v ....  ■  ■  -  ,  r 

the  United  States’  ai^/or-Mher  countries.  The  names  of  actual  companies  and  products  mentioned  herein  may  be  the  trademarks  of  their  respective  owners 
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down.  Duh.  So  ASP.NET  automatically  detects  and  recovers  from  errors  like  deadlocks  so 
your  application  is  always  available.  And  now  the  newly  released  Visual  Studio  .NET  2003  is 
here  for  building  and  deploying  even  faster  and  more  stable  applications.  Try  it  now:  log 
on  to  a  fully  featured,  free*  online  hosted  session  and  get 

Microsoft 

more  information  at  msdn.microsoft.com/vstudio/tryit  VisualStudio.net 
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loehringer  Cures 
Slow  Reporting 


A  pharmaceutical  giant 
tumstoanSAP/Cognos 
system  to  speed  finan¬ 
cials.  By  Marc  L  Songini 


How  Boehringer 
Gets  Its  Numbers 

The  pharmaceutical  maker  has  linked  its  supply  chain 
and  Ariba  purchase-order  systems  to  feed  into  its  SAP 
Financials  software,  which  dumps  daily  updates  into  an 
Oracle  data  warehouse.  Using  a  Web  browser,  the  staff 
can  then  access  a  suite  of  reporting  tools  that  can  oper¬ 
ate  on  the  data  to  generate  up-to-date  financial  reports. 


BOEHRINGER  INGELHEIM  GMBH  is  a  huge  com¬ 
pany,  with  $7.6  billion  in  revenue  and 
32,000  employees  in  60  nations.  But  the 
Ingelheim,  Germany-based  pharmaceuti¬ 
cal  maker  says  Web-enabled  reporting  and  financial 
applications  are  making  the  company  as  nimble  as 
some  of  its  smaller  competitors  when  it  comes  to 
running  financials. 

Like  many  large  corporations,  Boehringer  is  turn¬ 
ing  to  Web-based  financial  and  analytical  tools  to 
rapidly  consolidate  and  present  key  financial  data  on 
a  daily,  weekly  or  monthly  basis.  The  company  uses  a 
Web-enabled  version  of  SAP  AG’s  financial  software, 
which  allows  it  to  drill  down  and  draw  conclusions 
based  on  the  latest  available  financial  and  opera¬ 
tional  data. 

“I  want  to  be  told  where  I  stand  and  where  we  are 
heading,”  says  Boehringer’s  chief  financial  officer, 
Holger  Huels.  “I  like  to  [be  able  to]  see  negative 
trends  and  counter  them  as  fast  as  possible.” 

More  important,  Boehringer  is  now  able  to  close 
its  books  for  most  of  its  divisions  just  two  hours  after 
the  close  of  business  at  the  end  of  each  month,  and 
the  technology  is  capable  of  providing  a  daily  close 
as  well,  says  Huels. 

That’s  a  big  change  for  Boehringer’s  accounting 
department,  which  previously  had  to  wait  for  printed 
reports  and  then  pick  through  them  manually.  The 
staff  used  a  variety  of  applications  for  financial 
analysis,  including  several  different  versions  of  SSA 
Global  Technologies  Inc.’s  BPCS  analytical  software, 
says  Tony  Ciancio,  Boehringer’s  director  of  account¬ 
ing.  The  closing  process  spanned  three  days  each 
month,  including  the  time  required  to  reconcile  data 
from  the  disparate  systems. 

Ciancio  says  that  with  three  and  a  half  years  worth 
of  SAP  data,  his  department  can  spot  product  sales 
trends  and  track  expenses  such  as  personnel  costs, 
which  are  frequently  reviewed  and  compared  with 
net  sales  and  other  metrics. 

The  pharmaceutical  company  went  live  on  the 
SAP  Financials  SAP  R/3  system  a  little  more  than  a 
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year  ago,  after  a  14-month  rollout.  Delivering  the  nec¬ 
essary  information  from  Boehringer’s  various  trans¬ 
actional  applications  required  some  integration  work 
between  a  hospital  contract  and  rebate  system  li¬ 
censed  from  I-many  Inc.  and  purchase-requisition 
software  from  Ariba  Inc.  that  ties  into  SAP. 

Boehringer  also  had  to  write  custom  interfaces  to 
link  its  SAP  system  to  its  Manugistics  Inc.  produc¬ 
tion  and  planning  application,  which  required  writ¬ 
ing  custom  interfaces  in-house. 


Addressing  Key  Challenges 

The  system  uses  Cognos  Inc.’s  Impromptu  tool  to  re¬ 
port  financial  results  from  an  Oracle  data  warehouse, 
which  takes  feeds  from  the  SAP  system  each  night, 
says  Ciancio.  Impromptu  then  creates  standard  in¬ 
come  statements,  cost  center  reporting  and  account- 


level  analysis.  It  also  lets  the  accounting  staff  drill 
down  to  individual  transactions. 

The  biggest  difficulty  wasn’t  integration,  however; 
it  was  training  staff  to  deal  with  the  unique  way  the 
SAP  application  deals  with  pharmaceutical-specific 
accounting  procedures  as  it  reports  revenue,  says 
Ciancio.  To  address  that  problem,  the  company  de¬ 
veloped  job-based  SAP  training  courses  taught  by 
employees  who  were  considered  power  users. 

“Each  employee  was  assigned  a  series  of  training 
courses  that  were  based  upon  the  job  roles  that  are 
associated  with  their  particular  jobs.  These  courses 
are  constantly  being  updated  to  reflect  new  trans¬ 
actions  or  processes,”  says  Ciancio. 

Despite  the  amount  of  time  required  for  training, 
the  system  has  made  the  accounting  department 
much  more  productive,  in  part  because  the  staff  can 
now  run  up-to-date  reports  whenever  needed,  ac¬ 
cording  to  Ciancio. 

Boehringer  also  uses  Ottawa-based  Cognos’  Power- 
Play  analysis  tool,  which  permits  multidimensional 
views  of  profit-and-loss  data.  “We  can  quickly  ana¬ 
lyze  revenue  and  expense  information  by  switching 
the  columnar  and  row  data,  and  also  bring  in  differ¬ 
ent  dimensions  or  measures  such  as  budget,  prior 
year,  drill-down  and  subsets  of  the  data,”  Ciancio  says. 

Executives  can  access  this  data  through  Cognos 
Upfront,  which  securely  delivers  the  reports  via  a 
browser  over  a  WAN.  The  system  also  allows  for 
ad  hoc  analyses.  The  most  common  of  these  are 
transaction  reviews  that  let  users  get  fast  summaries 
by  customer  account  or  product. 

Ciancio  says  the  new  system  is  running  as  effi¬ 
ciently  as  possible,  but  it  has  limitations.  For  in¬ 
stance,  there  is  still  a  one-day  lag  in  reporting  be¬ 
cause  some  parts  of  the  global  organization  are  still 
using  disparate  systems. 

Boehringer  usually  closes  the  books  for  four  of  its 
divisions  in  12  hours,  typically  on  the  first  business 
day  of  the  month,  Ciancio  explains.  However,  three 
units  aren’t  on  SAP  and  don’t  use  its  general  ledger. 
So  those  units  have  to  close  independently,  and  then 
the  financial  data  is  consolidated  through  Excel 
spreadsheets  into  Cognos  Finance  for  reporting, 
which  requires  manual  intervention  and  takes 
another  day. 

“For  many  reports,  this  is  acceptable.  For  others, 
we  are  challenged  in  evaluating  options  for  getting 
real-time  updates  and  reporting  up  to  the  minute  to 
the  Web,”  Ciancio  says. 

In  addition,  because  not  all  the  U.S.  affiliates  are 
on  SAP,  it’s  impossible  to  report  on  some  of  the  low¬ 
er-level  data.  Transactional  data  is  available  when 
needed  from  the  non-SAP  systems  by  downloading 
or  doing  queries  and  pulling  it  into  an  Oracle  data 
warehouse  or  Excel  for  presentation  in  reports.  “It  is 
not  fully  automated,  but  it  can  be  done,”  Ciancio  says. 

Currently,  he’s  evaluating  interfacing  financial  data 
from  the  other  Boehringer  affiliates  into  the  Cognos 
financials  consolidation  software.  However,  there  are 
significant  challenges  because  of  the  disparate  gen¬ 
eral-ledger  systems  and  reporting  structures. 

But  Boehringer  plans  to  roll  out  the  SAP  system  to 
most  of  its  subsidiaries  worldwide  over  the  next  few 
years,  says  Ciancio.  Despite  continuing  struggles,  the 
company  is  convinced  that  the  savings  from  the  SAP 
system  have  already  exceeded  expectations,  he  says.  I 
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PLUGGING 

STORAGE 

SECURITY 

HOLES 


SAN  and  NAS  systems  have  security 
problems.  Here’s  how  to  fix  them. 

By  Lucas  Mearian 


Storage  systems  weren’t 
designed  with  security  in 
mind.  They  started  out 
as  direct-attached,  so  if 
the  host  was  secure,  the 
storage  was  too.  That’s  all  changed. 

Fibre  Channel  storage  networks  of¬ 
ten  have  multiple  switches  and  IP  gate¬ 
ways,  allowing  access  from  a  myriad  of 
points.  Compound  this  with  poor  work 
by  systems  administrators,  new  data 
security  laws  and  recent  high-profile 
cases  of  consumer  information  theft, 
and  the  need  for  improved  storage  se¬ 
curity  becomes  urgent. 

But  if  systems  administrators  can’t 
follow  the  basic  steps  of  network  stor¬ 
age  security,  better  tools  may  not  help. 
That’s  part  of  the  reason  why  encryp¬ 
tion  is  becoming  the  most  widely 
adopted  solution  to  the  problem. 
Misconfiguring  logical  unit  number 


(LUN)  zones  and  not  maintaining  net¬ 
work-access  lists  are  two  major  causes 
of  unauthorized  access  to  storage  net¬ 
works,  says  Nancy  Marrone,  an  analyst 
at  The  Enterprise  Storage  Group  Inc. 
in  Milford,  Mass.  Another  common 
mistake  administrators  make  is  not 
bothering  to  change  the  device  default 
password,  according  to  Dennis  Martin, 
an  analyst  at  Evaluator  Group  Inc.  in 
Greenwood  Village,  Colo. 

Beyond  the  human  failings,  Fibre 
Channel  itself  isn’t  a  secure  protocol. 
Through  it,  application  servers  can  see 
every  device  on  a  storage-area  network 
(SAN).  Switch  zoning  and  LUN  mask¬ 
ing  on  a  storage  array  can  restrict  ac¬ 
cess  to  devices  on  a  SAN.  Zoning  seg¬ 
regates  a  network  node  either  by  hard 
wiring  at  the  switch  port  or  by  creating 
access  lists  around  device  world  wide 
names  (WWN).  Masking  hides  devices 


on  a  SAN  from  application  servers  ei¬ 
ther  through  software  code  residing  on 
each  device  or  through  intelligent  stor¬ 
age  controllers  that  permit  only  cer¬ 
tain  LUNs  to  be  seen  by  a  host’s  oper¬ 
ating  system. 

According  to  Marrone,  managing  ac¬ 
cess  through  LUN  masking  works  on 
smaller  SANs  but  becomes  cumber¬ 
some  on  large  SANs  because  of  the  ex¬ 
tensive  configuration  and  maintenance. 

Encryption  Makes  Gains 

Given  these  human  errors  and  technol¬ 
ogy  shortfalls,  some  users  are  turning 
to  encryption. 

Michelle  Butler,  technical  program 
manager  for  the  National  Center  for 
Supercomputing  Applications  (NCSA) 
at  the  University  of  Illinois  at  Urbana- 
Champaign,  manages  three  SANs  — 
two  with  60TB  of  capacity  and  one 
with  40TB.  For  her,  security  means 
that  data  needs  to  be  encrypted,  both 
when  it’s  in  transit  and  stored  on  a  disk 

—  or  “at  rest.” 

“There  are  some  tools  out  there,  but 
there  are  also  some  big  gaping  holes 
being  left  that  so  far  don’t  seem  that 
interesting  to  hackers,”  Butler  says. 

Nevertheless,  the  NCSA  plans  to  buy 
Brocade  Communications  Systems 
Inc.’s  newly  released  Secure  Fabric 
operating  system  and  Fabric  Manager 
software.  Butler  says  the  products  will 
allow  her  storage  administrators  to 
create  network  management  access- 
control  lists  using  public-key  infra¬ 
structure  (PKI)  technology  and  device 
access-control  lists  based  on  WWN. 
The  software  also  offers  authentication 
and  encryption  for  control  information 
or  management  data  on  SAN  devices. 

Examples  of  the  necessity  of  encryp¬ 
tion  abound.  For  instance,  in  January,  a 
disk  drive  with  176,000  insurance  poli¬ 
cies  was  stolen  from  Guelph,  Ontario- 
based  Co-operators  Life  Insurance  Co. 

In  response  to  events  like  this,  Cali¬ 
fornia  adopted  a  new  law.  SB  1386, 
which  went  into  effect  this  month,  re¬ 
quires  any  company  that  stores  infor¬ 
mation  about  California  residents  to 
publicly  divulge  any  breach  of  security 
affecting  that  data  within  48  hours. 

In  addition,  Sen.  Dianne  Feinstein’s 
(D-Calif.)  office  is  finalizing  a  federal 
version  of  the  bill  —  called  the  Data¬ 
base  Security  Breach  Notification  Act 

—  that  would  provide  similar  protec¬ 
tions  to  all  U.S.  residents.  The  only 
companies  exempt  from  the  California 
law  and  the  proposed  national  legisla¬ 
tion  are  those  that  encrypt  data  at  rest. 

Several  newly  released  products  ad¬ 
dress  concerns  posed  by  the  recent  leg¬ 
islation.  In  April,  Mississauga,  Ontario- 


Get  up  to  speed  on  the  port¬ 
zoning  method  your  vendor  uses 
(they’re  not  all  the  same). 


Change  default  passwords 
on  new  hardware. 

Design  the  topology  of  a  SAN 
with  network  security  adminis¬ 
trators. 

Encrypt  data  both  at  rest 
and  in  transit. 

\ 

Consider  carefully  how  you 
dispose  of  old  hard  drives 
and  backup  tapes. 


based  Kasten  Chase  Applied  Research 
Ltd.  announced  its  Assurency  Secure 
Networked  Storage  platform,  agent- 
based  software  that  provides  a  stripped- 
down  PKI-based  authentication  and 
encryption  for  networked  storage  de¬ 
vices.  The  company  estimates  that  a 
complete  encryption  system  is  gener¬ 
ally  7%  to  10%  of  the  cost  of  a  SAN. 

Other  Vendors 

Another  company  getting  noticed  is 
start-up  appliance  vendor  Decru  Inc. 
in  Redwood  City,  Calif.,  which  uses 
proprietary  software  to  encrypt  data 
on  the  storage  array,  but  uses  the  IPsec 
protocol  on  the  application  server  to 
encrypt  data  while  in  transit.  Its  Data- 
Fort  security  appliances  work  for  for 
both  SANs  and  network-attached 
(NAS)  storage. 

Vormetric  Inc.  in  Santa  Clara,  Calif., 
sells  an  appliance  that  encrypts  data  at 
the  file  level  for  NAS,  file  servers  and 
tape  archival  systems  but  not  at  the 
block  level  for  SANs.  And  NeoScale 
Systems  Inc.  in  Milpitas,  Calif.,  sells  a 
product  called  CryptoStor  FC,  that 
provides  wire-speed,  policy-based  en¬ 
cryption  for  SAN  and  NAS  data. 

Although  most  currently  available 
storage  security  technologies  offer  en¬ 
cryption,  analysts  say  it’s  important  for 
users  to  make  sure  that  the  data  is  en¬ 
crypted  both  at  rest  and  while  being 
transmitted  across  networks.  I 
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TV  for  the 
21stCentu 


PBS  is  leading 
the  industry 
into  a  brave  new 
world  of  IT.  By 

Gary  H.  Anthes 


B: 
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FUTURE 

WATCH® 


ORROWING  supply 
chain  automation  con¬ 
cepts  from  the  manu¬ 
facturing  world,  Public 
Broadcasting  Service  is  re¬ 
inventing  the  way  it  manages 
and  distributes  television  pro¬ 
grams.  The  overhaul,  expected 
to  be  completed  by  2006,  will 
fundamentally  change  the 
dynamics  and  economics  of 
TV  broadcasting,  PBS  says. 

Today,  PBS  distributes  pro¬ 
grams  to  its  177  member  sta¬ 
tions  as  real-time  video 
_  streams  from  satel¬ 
lites.  A  single  show 
may  be  sent  a  dozen 
times,  depending  on 
the  time  zone,  sched- 
uling  and  weather 
conditions.  Many  of  these 
transmissions  require  some¬ 
one  at  the  station  to  be  stand¬ 
ing  by  to  “catch”  the  trans¬ 
mission  to  videotape  or  on  a 
video  server. 

Indeed,  the  entire  program¬ 
ming  supply  chain  —  from 
the  content  producer  to  PBS 
to  local  stations  —  is  punctu¬ 
ated  by  laborious,  exacting 
and  error-prone  manual  pro¬ 
cedures.  And  it  requires  pun- 
ishingly  expensive  and  spe¬ 
cialized  broadcast  equipment. 
Every  station  has  “master  con¬ 
trol”  equipment  that  can  cost 
more  than  $10  million. 

But  PBS  aims  to  replace  the 
pricey  gear  with  Intel-based 
computers;  the  real-time  video 
feeds  with  store-and-forward, 
IP-based  file  transmissions;  the 
physical  handling  of  tapes  with 
drag-and-drop  mouse  move¬ 
ments;  and  the  labor-intensive 
quality  control  with  software. 

Andre  Mendes,  chief  tech¬ 
nology  integration  officer  at 
PBS  in  Alexandria,  Va.,  says 
the  new  technology  will  im¬ 
prove  broadcast  reliability  and 


quality  and  enable  new  broad¬ 
cast  services.  It  will  save  PBS 
and  its  member  stations  more 
than  $100  million  annually, 
and  it  will  allow  the  survival 
of  some  stations  now  on  the 
brink  of  bankruptcy,  he  says. 

Progress  at  PBS 

PBS  technicians  may  run 
through  a  videotaped  show 
several  times  —  once  to  check 
for  quality,  again  to  insert 
V-chip  information,  again  to 
add  branding  and  logos,  then 
again  to  add  closed  captioning 
or  Spanish  audio,  and  so  on.  At 
each  step,  they  do  a  technical 
evaluation  of  the  entire  tape, 
so  a  one-hour  show  might  in¬ 
volve  several  hours  of  checks. 

These  multiple  steps  are  re¬ 
quired  because  PBS  often  gets 


show  content  in  several  pieces 
from  the  producer  and  in  a  va¬ 
riety  of  formats. 

Under  the  new  scheme,  PBS 
will  either  get  all  the  content 
at  once,  as  a  data  file  transmit¬ 
ted  over  IP,  or  it  will  get  the 
individual  components  ac¬ 
companied  by  metadata  that 
describe  them  and  explain 
how  they  are  to  be  combined. 
PBS  technicians  will  then  pro¬ 
duce  the  final  show  in  one  step. 
“What  used  to  take  six  hours 
will  now  take  one  hour  or  less 
because  we  can  do  it  faster 
than  real  time,”  Mendes  says. 

At  the  end  of  this  single 
technical  evaluation,  the  TV 
show  will  exist  as  ordinary 
digital  data,  subject  to  storage 
on  commodity  computer  stor¬ 
age  systems  and  transmission 
as  discrete  files  over  IP-based 
networks,  either  terrestrial  or 
satellite-based.  Currently,  a 
tape  has  to  be  pulled  from 
storage,  cached  onto  a  video 
server,  manually  scheduled 
and  then  streamed  in  real  time 
via  satellite  and  caught  on  the 
station  side  each  and  every 
time  a  station  wants  it. 

“Now  it  will  be  dragged  and 
dropped  into  a  schedule,  and 
it  will  be  sent  and  caught  auto¬ 
matically  without  any  further 


Public  Television’s  New  Supply  Chain 

TV  programs  will  flow  from  producers  (manufacturers)  to  PBS  (distributor)  to  local 
stations  (retailers)  to  viewers  (consumers)  in  a  highly  automated  way.  Programs  and 
metadata  describing  them  will  move  as  files  over  IP  networks  via  satellite  or  the  Internet. 
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manual  labor,”  Mendes  says. 

The  need  for  human  inter¬ 
vention  will  go  way  down,  and 
so  will  errors  —  no  more  tapes 
deteriorating  from  age,  no 
more  grabbing  the  wrong  tape. 
Error-checking  software  and 
other  techniques  can  preserve 
the  integrity  of  every  bit, 
just  as  with  any  data  storage, 
Mendes  says. 

Change  at  the  Stations 

Local  stations,  used  to  getting 
pushed  content  only,  will  be 
able  to  pull  programming  over 
the  network  by  clicking  on 
items  in  menus.  They  will 
be  able  to  use  a  Web  browser 
to  preview  programs  and, 
through  a  thin  client,  build 
daily  and  weekly  schedules  re¬ 
motely  on  a  server  at  PBS.  At 
the  right  time,  software  at  PBS 
will  package  the  entire  sched¬ 
ule  and  send  it  to  a  server  at 
the  station  by  satellite  over  IP, 
all  with  no  manual  effort  at 
either  end. 

“Labor  savings  will  be  pret¬ 
ty  substantial,”  says  Ron  Kain, 
chief  technology  officer  at 
WITF  in  Harrisburg,  Pa.  “And 
if  you  don’t  have  to  devote  so 
many  resources  to  particular 
technical  functions,  you  can 
repurpose  those  resources  to 
produce  more  local  content, 
where  the  real  value  is.” 

PBS  has  several  stations  try¬ 
ing  out  these  concepts  now, 
and  it  hopes  to  have  the  initial 
stations  in  production  by  July 
2004.  “We  are  transforming 
the  broadcast  world  into  an 
IP  world,”  Mendes  says.  “Our 
complicated  delivery  environ¬ 
ment  comes  down  to  a  supply 
chain  management  problem, 
with  just-in-time  inventory 
and  all  the  things  we  have 
been  hearing  for  years  from 
manufacturing.” 

“Because  of  advances  in 
IT,  PBS  can  really  begin  to 
adopt  these  supply  chain  prin¬ 
ciples,”  says  Jim  Wollack,  a 
senior  manager  at  Accenture 
Ltd.  “Many  industries  will 
adopt  these  standards-based 
platforms  and  begin  to  do  simi¬ 
lar  things.” 

“These  concepts  will  proba¬ 
bly  be  widely  adopted  world¬ 
wide  because  the  savings  and 
quality  improvements  are  so 
compelling,”  Mendes  says.  I 
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Arrogance  Undermines 
Best  Antivirus  Defense 


Overconfidence  and  a  series  of  mis¬ 
steps  allow  a  virus  through  the  corpo 
rate  defenses.  By  Vince  Tuesday 


I’VE  ALWAYS  BEEN  PROUD  OF 
my  security  team’s  anti¬ 
virus  defense  and  scathing 
in  my  criticism  of  other 
companies  that  have  had  virus 
problems,  believing  as  I  did 
that  any  organization  can 
eliminate  virus  problems  by 
using  a  simple,  layered  de¬ 
fense  like  ours. 

We  deploy  antivirus  soft¬ 
ware  on  our  desktops,  on  our 
file,  Web  and  e-mail 
servers,  and  at  the 
e-mail  and  Web  gate¬ 
ways.  We  even  use  an 
outsourced  e-mail 
scanning  service.  We 
use  a  range  of  ven¬ 
dors’  products  and 
update  signatures  daily.  I’m 
proud  of  that  system. 

But  then,  pride  goes  before 
the  fall. 

It  started  when  the  PC  sup¬ 
port  team  reported  that  a  user 
said  he  was  receiving  a  weird 
e-mail  message.  An  antivirus 
software  pop-up  had  been  re¬ 
porting  a  virus  on  the  user’s 
machine  since  Thursday.  Now 
it  was  Monday,  and  he  was  just 
calling  it  in. 

This  wasn’t  good.  We  have 
centralized  desktop  virus  re¬ 
porting,  so  we  should  have 
known  about  the  problem 
right  away  and  informed  the 
user,  not  the  other  way 
around.  What  went  wrong? 

The  central  antivirus  server 
had  been  decommissioned  for 
an  upgrade  from  Windows  NT 
4  to  Windows  2000,  but  the 
new  build  had  problems  and 
now  no  central  server  was  on¬ 
line.  Instead  of  getting  the 
new  server  working  and  then 
turning  off  the  old  one,  some¬ 
one  decided  it  would  be 
quicker  to  just  rebuild  the  old 
one.  With  decent  server  and 


gateway  protection,  this  per¬ 
son  presumed  we’d  be  OK 
without  the  server  for  a  few 
days.  Then  those  few  days 
stretched  into  weeks. 

Stupidly,  I’d  taken  the  com¬ 
plete  lack  of  alerts  from  this 
server  to  mean  that  there  were 
no  problems  to  report,  when 
in  fact  it  indicated  a  failure  in 
our  reporting  infrastructure. 

We  managed  to  track  the  in¬ 
fection  to  a  new 
user  whose  machine 
didn’t  have  antivirus 
software.  This  flies 
in  the  face  of  our  an¬ 
tivirus  policy.  How 
could  it  have  hap¬ 
pened? 

The  support  group’s  process 
for  new  builds  is  to  install 
Windows  and  the  applications 
and  then  push  the  antivirus 
configuration  from  the  central 
antivirus  server  —  which  was 
down  for  rebuilding. 

Not  only  did  we  not  have 
central  reporting,  but  also  we 
had  no  protection  on  new  ma¬ 
chines  rolled  out  during  the 
two  weeks  the  machine  was 
down.  What  caused  me  to 
miss  this?  In  a  word,  compla¬ 
cency.  We  hadn’t  had  a  virus 
outbreak  for  two  years,  and  we 


Unprotected  and 
infected  desktops 
kept  reinfecting  files 
that  we  had  scanned 
and  cleaned.  It  was 
like  bailing  water 
from  the  Titanic. 


had  lowered  our  guard. 

Fortunately,  the  previously 
deployed  client  software  was 
configured  to  download  up¬ 
dates  from  the  Internet  as  well 
as  the  central  server,  so  at 
least  the  older  desktop  ma¬ 
chines  were  up  to  date  with 
antivirus  signatures. 

More  Trouble 

But  it  gets  worse.  This  user 
also  managed  to  infect  an 
unauthorized  file  server  in  the 
development  group.  Luckily 
the  virus  was  weak,  only  af¬ 
fecting  .exe  files  and  spread¬ 
ing  by  way  of  shared  files. 

We  attempted  to  purge  the 
virus  from  that  server,  but  our 
antivirus  software  kept  crash¬ 
ing  before  we  could  finish 
scanning  the  machine.  Mean¬ 
while,  unprotected  and  infect¬ 
ed  desktops  kept  reinfecting 
files  that  we  had  scanned  and 
cleaned.  It  was  like  bailing  wa¬ 
ter  from  the  Titanic.  So  I  dis¬ 
abled  the  network  card  on  the 
file  server  to  give  us  some 
time  to  solve  the  problem. 

My  team  downloaded  a 
more  recent,  compatible  ver¬ 
sion  of  the  antivirus  software 
and  installed  it  on  the  server. 
The  scan  then  worked  proper¬ 
ly  and  we  re-enabled  the  file 
server. 

By  now  it  was  the  middle  of 
the  night,  but  everything  was 
just  about  back  to  normal.  A 
software  distribution  job  was 
rolling  out  the  client  software 
to  all  recently  built  PCs,  and 
rebuilding  the  central  anti¬ 
virus  server  was  a  top  priority. 

But  I  received  my  biggest 
shock  a  few  days  later,  after  a 
few  late  nights  cleaning  up 
and  making  sure  everything 
was  properly  in  place. 

A  PC  help  desk  staffer  sub¬ 
scribes  to  Sophos  PLC’s  anti¬ 
virus  e-newsletter  and  for¬ 
wards  it  each  week  to  every¬ 
one  involved  in  antivirus  ef¬ 
forts.  This  week,  when  I 


opened  the  newsletter,  I  saw 
my  company's  name  in  the  top 
story:  “[My  company’s  name] 
hit  by  .exe-infecting  virus.” 

My  world  went  into  pin- 
sharp  focus,  and  I  could  feel 
time  slow  as  I  came  to  a  stark 
realization:  This  was  the  end 
of  my  career.  My  company 
would  excuse  a  minor  virus 
incident,  but  if  the  press  got 
wind  of  it,  I  would  be  hung  out 
to  dry.  How  could  the  news 
have  gotten  out?  Why  would 
Sophos  publish  such  a  story? 
We  certainly  wouldn’t  be  buy¬ 
ing  their  products  again,  I 
fumed,  and  I’d  make  it  my  sole 
goal  to  ruin  their  life  as  they 
had  ruined  mine. 

But  when  I  started  search¬ 
ing  for  the  story  on  the 
Sophos  Web  site  to  get  more 
details,  I  came  up  empty.  Then 
it  hit  me.  I  called  the  PC  help 
desk  staffer  and  politely  asked 
if  he  had  edited  the  newsletter 
before  forwarding  it.  “Oh  yes, 
I’m  glad  someone  actually 
reads  it.  I  added  that  myself, 
since  it  was  the  big  antivirus 
news  for  us.” 

That  added  insult  to  injury. 
Not  only  had  I  stopped  paying 
attention  to  the  fundamentals 
of  my  job,  allowing  a  virus  to 
slip  in,  but  I’d  also  fallen  for 
what  I  should  have  realized 
was  an  obviously  phony 
e-mail  message. 

I’ve  learned  a  valuable  les¬ 
son  about  always  checking 
that  the  basics  are  working 
properly.  I  just  hope  that  I’ve 
suffered  enough  that  the  gods 
leave  me  alone  —  at  least  for  a 
week  or  two.  k 

WHATDOYmiNK? 

This  week’s  journal  is  written  by  a  real 
security  manager.  “Vince  Tuesday,"  whose 
name  and  employer  have  been  disguised 
for  obvious  reasons.  Contact  him  at  vince. 
tuesday@hushmail.com,  or  join  the  dis¬ 
cussion  in  our  forum:  QuickLink  a159Q 

To  find  a  complete  archive  of  our 
Security  Manager's  Journals,  go  online  to 

O  computerworld.com/secjournal 
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Security  Bookshelf 

E-mail  Rules,  by  Nancy  Flynn 
and  Randolph  Kahn;  Amacom 
Books,  2003 

This  delightful 
book  contains 
36  rules  of 
e-mail  manage¬ 
ment-simple 
nuggets  of  infor¬ 
mation  that  bring 
together  a  clear 
policy  on  how  to  protect 
your  company  from  the  ex¬ 
penses,  legal  repercussions 
and  damage  to  its  reputation 
that  could  arise  from  having 
an  e-mail  system. 

The  rules  alone  aren’t  that 
surprising.  For  example.  Rule 
8,  “Apply  e-mail  rules  consis¬ 
tently,  from  summer  interns  to 
the  CEO,”  is  hardly  a  shocker, 
but  I  know  of  many  organiza¬ 
tions  that  don’t  do  this  and 
therefore  expose  themselves 
to  significant  risk. 

The  best  parts  of  this  book 
are  the  real-life  examples  that 
provide  anecdotal  support  for 
the  sensible  rules  put  forth. 

I  heartily  recommend  this 
book  to  anyone  responsible  for 
the  outcomes  of  poorly  man¬ 
aged  e-mail  systems,  be  they 
in  IT  security,  human  re¬ 
sources  or  other  areas  of  man¬ 
agement.  If  you’ll  excuse  me,  I 
must  go  and  make  sure  we  are 
following  Rule  16,  “Don’t  be 
set  up  by  backup.” 

-  Vince  Tuesday 


NAI  Debuts  Latest 
IntruShield  Model 

Network  Associates  Inc.  (NAI) 
in  Santa  Clara,  Calif.,  has  an¬ 
nounced  the  IntruShield  1200, 
a  1U  (1U=1.75  in.)  rack-mount¬ 
ed  hardware  appliance  that 
provides  intrusion-detection 
and  intrusion-prevention  ca¬ 
pabilities  for  midsize  networks. 
The 1200  is  functionally  simi¬ 
lar  to  NAI’s  IntruShield  4000, 
but  it  sports  two  10/100  Ether¬ 
net  ports  instead  of  four.  Avail¬ 
able  August  15,  the  1200  will 
retail  for  $10,995. 

IntruShield  1200+ 
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DEMOmobile  2003 

the  launchpad  for  tomorrow's  wireless  innovations 

September  17-19,  2003  |  Hilton  La  Jolla  Torrey  Pines  |  La  Jolla,  CA 

www.idgef.com/demomobile 


Now's  the  time  to  register  for  DEMOmobile  2003:  the  premier  annual  showcase  of  mobile 
and  wireless  technology  innovation.  DEMOmobile  features  never- before-seen  products  and  services, 
and  lets  you  get  up  close  with  the  industry's  leading  thinkers  -  the  ones  who  are  crafting  the  very  future  of 
the  mobile  and  wireless  marketplace. 


This  year  at  DEMOmobile  2003,  we'll  unveil  some  of  the  newest  and  most  innovative  applications 
for  today's  next-generation  networks,  and  you'll  get  a  peek  at  the  plans  of  major  market  players 
such  as  Nokia,  Qualcomm,  France  Telecom,  Intel  and  Microsoft,  plus  major-label  content  players, 
investors,  and  researchers.  We  can't  leak  any  more  details.  But  we  can  tell  you  that  DEMOmobile  2003 
will  unveil  startling,  breakthrough  technologies  that  will  have  the  industry  abuzz. 


Register  today  at 
www.idgconferences.com/M3ACW 
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Documentum  Adds 
To  eRoom  App 

Documentum  Inc.  has  added  new 
features,  including  project  and 
program  management  capabilities, 
to  its  eRoom  7  Web-based  collab¬ 
oration  application.  Multilevel  se¬ 
curity  and  improved  administrator 
management  have  also  been 
added,  according  to  the  company. 
The  application  is  available  now, 
with  pricing  to  be  announced. 


SMC  Rolls  Out 
802.11  Hardware 

SMC  Networks  Inc.  last  week  an¬ 
nounced  EliteConnect  products 
that  conform  to  802.11a,  b  and  g 
connectivity  standards.  Available 
in  August,  the  EliteConnect  Uni¬ 
versal  2.4/5-GHz  Wireless  Access 
Point  will  start  at  S499.99,  and 
the  EliteConnect  Universal  2.4/ 
5-GHz  Wireless  CardBus  Adapter 
will  start  at  $89.99. 


3ware  Updates 
RAID  Controllers 

3ware  Inc.  announced  last  week 
the  availability  of  its  second-gen¬ 
eration  Serial  ATA  RAID  con¬ 
trollers,  the  Escalade  8506  series, 
and  its  sixth-generation  Parallel 
RAID  controllers,  the  Escalade 
7506  series.  The  Escalade  series 
now  features  64-bit/66-MHz  Pe¬ 
ripheral  Component  Interconnect 
bus  support  and  four-,  eight-  and 
12-port  configurations. 


Brightmail  Unveils 
Anti-Spam  5.0 

Brightmail  Inc.  unveiled  Bright¬ 
mail  Anti-Spam  5.0  with  Bright- 
Sig  2  and  URL  rules.  The  new 
antispam  rule-generation  tech¬ 
nologies  eliminate  the  random¬ 
ness  used  by  junk-mail  senders  to 
thwart  existing  antispam  methods, 
said  Brightmail.  Brightmail  Anti- 
Spam  can  be  obtained  as  a  hosted 
service,  starting  at  about  $1,499 
for  49  users  and  $14  per  user  for 
1,000  seats.  It  will  also  be  avail¬ 
able  as  a  stand-alone  application; 
pricing  hasn’t  been  announced. 


NICHOLAS  PETRELEY 

Another  Front  in 
The  Standards  Wars 


IT’S  TIME  for  yet  another  standards  rant.  This 

time,  I  have  in  my  sights  a  far  more  subtle  villain 
than  programs  that  refuse  to  run  properly  if 
you’re  not  running  the  right  version  of  Windows. 
It’s  more  subtle  than  the  nightmare  of  reaching 
yet  another  Web  site  that  refuses  to  work  unless  you’re 
using  Microsoft  Internet  Explorer.  I’m  talking  about 
the  CPU  in  your  computer,  where  all  the  real  comput¬ 
ing  action  takes  place. 

You’re  probably  unaware  that  you  have  a  CPU  com¬ 


patibility  problem,  because 
in  most  cases,  nothing  ever 
crashes  or  fails  to  run 
properly  due  to  a  lack  of 
CPU  standards.  The  com¬ 
patibility  issue  rears  its 
head  in  terms  of  perfor¬ 
mance;  what  you  may  fail 
to  notice  is  that  your  pro¬ 
grams  don’t  perform  as 
well  as  they  could. 

But  you  would  notice  if 
you  did  as  I  did  a  few 
months  ago  and  started  us¬ 
ing  a  Linux  flavor  called 
Gentoo  Linux,  which  you 
can  find  at  www.gentoo.org. 

When  you  install  a  Windows  appli¬ 
cation,  it’s  precompiled  and  ready  to 
run.  Almost  every  software  package 
available  for  Gentoo  comes  in  the  form 
of  source  code,  not  a  precompiled  exe¬ 
cutable  file.  Gentoo  users  build  usable 
applications  from  the  source  code. 

If  the  application  is  a  large  one,  such 
as  the  OpenOffice  productivity  suite, 
this  takes  a  lot  of  time.  It  might  take  a 
day  or  two  before  the  application  is  in¬ 
stalled  and  running.  Power  users  often 
think  it’s  worth  the  wait,  because  the 
completed  application  is  usually  faster 
and  sometimes  more  stable.  You  end 
up  with  faster  software  because  you 
can  customize  the  Gentoo  packaging 


system  to  compile  your  ap¬ 
plications  using  the  opti¬ 
mization  settings  of  your 
choice. 

My  workstation  is  based 
on  the  Athlon  XP  proces¬ 
sor,  so  I’ve  customized  my 
Gentoo  settings  to  install 
all  software  by  building  it 
with  various  AMD  Athlon 
XP  optimizations,  in  addi¬ 
tion  to  other,  more  generic 
tweaks  that  apply  to  most 
other  processors. 

The  result  is  a  double- 
edged  sword.  On  one  hand, 
all  my  applications  run  faster  and 
more  smoothly.  On  the  other  hand,  all 
the  software  I’ve  installed  on  my  sys¬ 
tem  will  work  only  on  computers  with 
an  Athlon  XP  processor.  The  reason  is 
simple.  The  compiler  sees  my  opti¬ 
mization  settings  and  generates  ma¬ 
chine  instructions  designed  specifical¬ 
ly  for  the  Athlon  XP  processors. 

If  I  copy  the  compiled  versions  of 
the  programs  to  an  Intel  Pentium  4 
system,  the  programs  won’t  run.  A 
Pentium  4  is  designed  in  such  a  way 
that  it  doesn’t  understand  some  of  the 
instructions  for  an  Athlon  XP. 

Chances  are  extremely  good  that 
you  don’t  have  to  worry  about  such 
things.  If  you’re  a  typical  user,  it’s  like¬ 


NiCHOlAS  PETRELEY  is  a 
consultant  and  author  in 
Asheville,  N.C.,  and 
founding  editor  of 
VarUnux.org.  He  can 
be  reached  at 


ly  that  all  the  software  on  your  system 
has  been  compiled  to  run  on  any  x86- 
compatible  processor.  This  is  true  for 
most  power  users  and  even  most  pro¬ 
grammers.  Most  of  your  software  is 
compiled  to  run  equally  well  on  a  486, 
Pentium,  Pentium  II,  Pentium  III,  Pen¬ 
tium  4,  K6,  Athlon,  Athlon  XP,  Athlon 
MP  or  any  of  several  other  alternative 
x86-compatible  systems. 

But  in  the  interest  of  accuracy,  I 
must  point  out  that  there  are  excep¬ 
tions,  which  brings  me  to  my  point. 

A  graphics  card  driver  may  detect 
the  presence  of  an  AMD  processor 
and  use  its  special  3DNow  instruc¬ 
tions.  But  in  general,  some  of  the  best 
features  of  every  system  are  going 
to  waste. 

It  really  is  an  old  story.  The  wasted 
power  results  from  the  fact  that  com¬ 
panies  are  motivated  to  differentiate 
and  add  value  to  their  products  in 
order  to  best  their  competitors.  You 
can’t  solve  the  problem  by  eliminating 
competition. 

And  although  I  desire  more  stan¬ 
dards  and  conformity,  I’m  glad  I  can 
choose  among  different  brands  and 
models  of  processors. 

If  AMD  didn’t  exist,  Pentium  4s 
wouldn’t  be  as  powerful  as  they  are. 
But  you  can  create  standards  that  en¬ 
sure  the  players  all  compete  according 
to  the  same  rules.  The  other  obvious 
solutions  are  too  costly  (a  company 
could  deliver  multiple  custom  exe¬ 
cutables  on  every  CD)  or  complex  (the 
Gentoo  self-compile  approach). 

The  only  practical  (but  unlikely) 
solution  that  comes  to  mind  is  an  ef¬ 
fective  processor-standards  group 
that  companies  such  as  AMD  and  Intel 
would  respect  and  obey.  What  do 
you  think?  I 
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OPINION 

Oracle,  PeopleSoft 
And  You 

Oracle’s  effort  to  take  over  PeopleSoft 
underscores  the  need  for  CIOs  to  protect 
their  own  interests  in  software  contracts, 
says  columnist  Bart  Perkins.  Page  44 


Q&A 

Don’t  Kid  Yourself 

IT  projects  fail  largely  because  of 
“delusional  optimism,”  says  Dan  Loval- 
lo  in  this  month’s  Harvard  Business  Re¬ 
view,  but  IT  managers  can  get  a  clearer 
picture  of  actual  project  risk.  Page  42 


CASE  STUDY 

Thrift  Thrives 
On  Low  Tech 

Washington  Federal  is  doing  just 
fine  financially  —  with  a  decidedly 
low-tech  approach.  Typewriters, 
yes.  Voice  mail,  no.  Page  40 


Even  in  the  economic  doldrums, 
CIOs  are  planning  for  better 
days.  “We  know  we  can’t  do  it 
now,  but  we  can  plan  now  so 
when  things  get  better  we’re 
ready  to  go,”  says  Tony  Romero, 
CIO  at  Mitsubishi  Motor  Sales  of  America 
Inc.  in  Cypress,  Calif.  “If  you  wait  for 
things  to  get  better,  it  can  take  you  a  year  to 
plan,  and  you’ve  wasted  a  year.” 

The  plans  that  CIOs  are  drawing  up  fo¬ 
cus  on  wireless  technologies,  Web  portals, 
CRM,  ERP,  infrastructure  improvements, 
skills  upgrades  and  industry-specific  busi¬ 
ness  projects.  Projects  to  upgrade  security 
and  meet  regulatory  requirements,  which 
have  gone  forward  despite  the  economy, 
will  continue  to  be  high  priorities  as  well 
(see  chart,  next  page). 

Better  days  may  not  be  far  off,  says  Bar¬ 
bara  Gomolski,  who  tracks  IT  spending  at 
Gartner  Inc.  “We’re  starting  to  see  some 
signs  of  recovery,”  she  says.  “There’s  a  lot  of 
pent-up  demand.”  She  expects  to  see  some 
growth  in  IT  spending  by  early  next  year. 

Even  when  that  happens,  no  one  antici¬ 
pates  a  return  to  the  free-spending  atmos¬ 
phere  of  the  1990s.  “I  expect  that  if/when 
an  increase  in  IT  spending  comes,  it  will  be 
conservative,”  says  Greg  Tranter,  CIO  at 
Allmerica  Financial  Corp.  in  Worcester, 
Mass.  “Our  strategy  is  to  exercise  focused 
discipline  around  technology  spending,  re¬ 
gardless  of  market  conditions.” 

“I’m  afraid  this  is  the  way  of  life  forever¬ 
more,”  agrees  Dennis  Klinger,  vice  presi¬ 
dent  for  information  management  at  Flori¬ 
da  Power  &  Light  Co.  (FP&L)  in  Juno 
Beach.  “We’re  going  to  have  to  squeeze 
every  penny.” 

Wish  Lists 

But  that’s  not  stopping  the  flow  of  ideas. 
Romero  has  used  the  downturn  to  complete 
an  IT  assessment  and  develop  a  four-year 
road  map  with  “big  steps  and  baby  steps” 
depending  on  economic  conditions.  He’ll 
begin  with  a  suppliers’  portal  for  manufac¬ 
turing,  a  single  Web  point  of  entry  for  Mi¬ 
tsubishi  to  collaborate  with  vendors.  Then, 
he’ll  tackle  new  financial  systems  as  the 
first  module  in  an  ERP  system  for  manufac¬ 
turing.  “How  fast  we  go  depends  on  the  size 
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The  reflective  phase  gave 
the  business  a  chance  to 
reassess  its  priorities,  and 
that  gave  us  a  chance  to  update  the 
road  map,  so  we  have  a  whole  set  of 
plans  about  what  we  would  attack. 

FRAN  DRAMIS,  CIO,  BELLSOUTH  C0RP. 


of  the  recovery,”  he  says.  For  example, 
the  back  end  of  the  supply  portal  may 
be  connected  at  once  or  in  stages,  de¬ 
pending  on  how  funds  are  flowing. 

“Portals  are  very  hot,”  says  Gomol- 
ski.  “Many  big  companies  have  accu¬ 
mulated  all  these  different  Web  sites, 
and  they’re  not  using  the  same  lan¬ 
guage,  and  they’re  not  integrated,”  she 
explains.  “They’re  trying  to  get  a  single 
[contact]  point.” 

Fran  Dramis’  wish  list  spotlights 
CRM  and  infrastructure.  “Upfront  is 
customer  care:  customer  acquisition, 
continuing  to  integrate  our  databases 
and  products  to  help  in  the  sales  cy¬ 
cle,”  says  the  CIO  at  BellSouth  Corp.  in 
Atlanta.  “Also,  we  would  accelerate  the 
rollout  of  new  IP  capabilities  —  the 
support  system  that  helps  us  to  run 
new  networks.  That  would  be  1A  and 
IB”  on  his  priority  list,  he  says. 

Dramis  adds  that  the  economic 
slowdown  gave  the  business  and  IT 
time  to  step  back  and  recalibrate.  “The 
reflective  phase  gave  the  business  a 
chance  to  reassess  its  priorities,  and 
that  gave  us  a  chance  to  update  the 
road  map,  so  we  have  a  whole  set  of 
plans  about  what  we  would  attack,”  he 
explains.  As  a  result,  he  says,  “when 
things  loosen  up  the  road  map  will 
flow  even  quicker.” 

Revamped  Projects 

Tom  Murphy  is  already  implementing 
his  wish  list.  After  the  bottom  fell  out 
of  the  cruise  business  late  in  2000, 
Royal  Caribbean  Cruises  Ltd.  in  Miami 
mothballed  a  massive  IT  initiative 
called  Leapfrog.  The  billion-dollar 
plan  included  CRM,  supply  chain  and 
human  resources  projects  as  well  as 
enhancements  to  on-ship  technology. 
Now,  CIO  Murphy  is  working  on  a 
more  conservative  version  called 
Jumpstart. 

“Our  industry  had  a  speedy  recov¬ 
ery,  and  we  retracked  our  original 
Project  Leapfrog  into  Jumpstart  and 
defined  a  new  strategy  to  take  a  more 
Fiscally  prudent  approach,”  he  says. 

That  approach  targets  the  same  gen¬ 
eral  goals  but  breaks  the  execution  into 
smaller,  incremental  chunks.  It  includes 
maintaining  the  current  IT  head  count, 
supplemented  by  external  resources 
such  as  San  Diego-based  outsourcer 
Science  Applications  International 
Corp.,  which  Murphy  has  engaged  to 
help  with  a  Web  site  rebuild  and  the 
introduction  of  Java  into  the  IT  shop. 
He’s  also  strictly  prioritizing  project 
work,  enhancements  and  support. 

Murphy  has  built  an  18-month  project 
pipeline  including  the  Web  overhaul, 
major  database  and  data  warehousing 


work  and  implementation  of  middle¬ 
ware  for  both  ships  and  shore.  “By  im¬ 
plementing  middleware,  we’re  taking  a 
component  approach  rather  than  the 
big-bang  approach  of  Leapfrog,”  he 
says.  That  way,  “the  company  is  in  posi¬ 
tion  to  increase  or  decrease  the  spigot” 
depending  on  business  conditions. 

Middleware  and  integration  are  high 
priorities  for  CIOs,  Gomolski  says. 
“They’re  trying  to  take  advantage  of  all 
the  technology  they  have  and  get  it  all 
working  together.” 

Klinger’s  wish  list  at  FP&L  includes 
upgrading  skills.  “Right  now,  we’re 
rifle-shooting  —  doing  just-in-time 
training  —  and  I  would  certainly  want 
to  grow  training”  if  the  budget  im¬ 
proves,  he  says.  He’d  also  like  to  use 
mobile  and  wireless  technologies  to 
enable  technicians  and  engineers  any¬ 
where  in  a  plant  to  get  or  report  vital 
information. 

Klinger  is  working  with  his  business 
executives  on  a  formal  strategic  plan 
for  IT.  “IT  capital  dollars  compete 


with  plant  and  marketing  dollars,  so 
we  try  to  make  it  clear  what  the  IT  in¬ 
vestment  opportunity  is,  and  that  gets 
balanced  against  the  overall  opportuni¬ 
ties,”  he  explains. 

Securing  Compliance 

After  a  slowdown  in  2002,  the  IT  shop 
at  Documentum  Inc.  in  Pleasanton, 
Calif.,  is  going  full  steam  this  year,  says 
CIO  George  Lin.  One  of  his  top  priori¬ 
ties  is  harnessing  IT  to  help  the  com¬ 
pany  comply  with  the  Sarbanes-Oxley 
Act,  a  federal  law  that  seeks  to  ensure 
the  reliability  of  the  financial  state¬ 
ments  of  public  companies.  “This  is 
the  most  urgent  project  all  public  com¬ 
panies  have  to  work  on,”  he  says. 

There’s  also  a  major  renovation  of 
the  customer  services  Web  site  and 
major  enhancements  to  the  PeopleSoft 
Inc.  ERP  software,  including  a  human 
resources  module  and  financial  up¬ 
grades.  Lin  says  he  has  also  been  work¬ 
ing  on  security  and  wireless  technolo¬ 
gies  and  leveraging  IT  to  integrate 


acquired  companies  quickly. 

One  of  the  challenges  for  CIOs  is 
keeping  business  managers  enthusias¬ 
tic  about  IT  at  a  time  when  low  bud¬ 
gets  mean  low  visibility  for  IT.  “That’s 
very  difficult,”  Romero  says.  He’s  kept 
the  business  interested  by  maintaining 
the  most  business-critical  projects  — 
call  center  systems  for  dealers  —  while 
delivering  other  small  but  appreciated 
projects  such  as  a  system  to  consoli¬ 
date  divisional  financial  reporting  and 
analysis.  “Those  are  things  we  can  do 
with  the  resources  in  hand,”  he  ex¬ 
plains.  “We  look  for  quick  hits  to  main¬ 
tain  awareness  that  IT  is  still  here.  And 
we  keep  the  infrastructure  going.” 

Allmerica’s  Tranter  has  used  the  lull 
to  focus  on  in-house  work  such  as  im¬ 
plementing  best  practices  in  project 
management,  service-level  manage¬ 
ment,  root-cause  analysis,  metrics, 
skills  management  and  vendor  man¬ 
agement.  “These  initiatives  got  our 
staff,  and  consequently  our  leadership, 
charged  up,”  he  says. 

But  as  much  as  anything,  the  process 
of  refining  the  IT  wish  list  keeps  the 
business  engaged.  “We’ve  got  pent-up 
demand,”  Dramis  says.  “In  a  down  cy¬ 
cle,  you  really  have  to  prioritize  proj¬ 
ects,  and  the  business  helps,  so  we  get 
even  more  business  engagement  than 
when  money  flows  more  easily.” 

Murphy  agrees:  “Now  that  we  have 
the  execs  doing  the  IT  priorities,  be¬ 
lieve  me,  they  are  very  engaged!” 

But  although  CIOs  are  eager  to  move 
ahead,  some  say  the  downturn  has 
forced  some  needed  introspection. 

“The  IT  spending  slowdown  is  a  gift 
for  CIOs,”  Lin  says.  “It  helps  us  realize 
that  sometimes  the  right  thing  to  do  is 
take  a  couple  steps  back  and  look  at 
big  picture.” 

In  the  boom  days,  he  says,  CIOs  of¬ 
ten  lacked  that  perspective  and  the  re¬ 
sult  was  siloed  projects  with  too  little 
return  on  investment.  “The  slowdown 
taught  CIOs  to  figure  out  the  enter¬ 
prise  way  to  work  the  business  issues; 
to  help  the  business  in  a  cross-func¬ 
tional,  holistic  way,  not  a  siloed  way,” 
he  says.  “CIOs  should  use  the  slow¬ 
down  to  really  build  our  input  into  the 
business.  That  will  prepare  us  for  the 
coming  ramp-up.”  I 


Melymuka  is  a  Computerworld 
contributing  writer.  Contact  her  at 
kmelymuka@yahoo.com. 


BENCHMARKING  TOOL 

To  see  how  your  IT  spending  stacks  up  against  spend¬ 
ing  levels  at  similar-size  companies,  visit  our  Web  site: 
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Spending  Plans: 
Now  and  Later 


What  are  your 
priorities  for  2003? 

BASE:  Survey  of  620  CIOs 

1.  Security  enhancement  tools 

2.  Application  integration/ 
middleware/messaging 

3.  Enterprise  j^Hdeplo^^Mi 

4.  Network  infrastructure/ 
management  tools 

5.  Internal  e-enabling  infrastructure 

6.  Web  design,  development 
and  content  management  tools 

7.  Storage  management 

8.  CRM 

9.  Web  services  (internal  and 
external) 

10.  XML-based  processes/ 
messaging 

SOURCE:  6ARTNER  INC..  STAMFORD. 

CONN  . JANUARY  2003 


What  are  the  first  software 
projects  you’ll  fund  when 
the  economy  improves? 


BASE:  Survey  of  50  U.S.  CIOs; 
multiple  responses  allowed 


CRM 

20% 

Security 

20% 

ERP 

16% 

Storage 

16% 

Application  integration 

14% 

Corporate  portals 

14% 

Supply  chain  management 

14% 

Business  intelligence/data 
warehousing 

12% 

Analytic  applications 

10% 

SOURCE.  MERRILL  LYNCH  &  CO..  NEW  YORK. 
FEBRUARY  2003 
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Open  for 
Inspection 


The  New  York  City 
Department  of  Build¬ 
ings  put  its  bulky  old 
database  of  construc¬ 
tion  documents  on  the 
Web,  where  it’s  avail¬ 
able  anytime,  any¬ 
where.  By  Julia  King 


long  lines  are  a  way  of 
life  most  everywhere  in 
New  York,  but  not  any¬ 
more  at  the  New  York  City 
Department  of  Buildings. 

Since  January,  architects,  engineers 
and  other  professionals  have  been  able 
to  go  online  to  get  the  code,  occupancy 
and  safety  information  they  need  in  or¬ 
der  to  work  on  the  900,000  buildings 
under  the  city’s  jurisdiction.  Before, 
they  would  have  to  queue  up  for  hours 
at  one  of  five  borough  offices  outfitted 


with  green-screen  terminals  linked  to  a 
17-year-old  proprietary  mainframe  sys¬ 
tem.  The  process  could  take  hours  and 
hold  up  building  projects  for  days  or 
even  weeks. 

“At  every  step,  from  the  beginning  to 
the  end  of  a  project,  we  need  to  have 
constant  access  to  city  information, 
and  the  only  way  to  get  it  was  to  make 
a  trip  to  the  borough  office,”  says 
Edouard  Paknia,  an  engineer  in  train¬ 
ing  at  Advanced  Professional  Engi¬ 
neering  PC  in  Brooklyn. 

Now  Paknia  and  others  can  get  the 
same  data  online  in  minutes,  anytime, 
day  or  night.  “Time  is  money,  and  that’s 
made  a  real  difference,”  he  says. 

What’s  remarkable  from  an  IT  and  a 
budgetary  standpoint  is  how  easy  and 
relatively  cheap  it  was  for  the  city  to 
make  users’  lives  so  much  easier,  says 
Matti  Friedman,  the  department’s  di¬ 
rector  of  application  development. 

The  Buildings  Department  used 
Software  AG’s  Entire  X,  a  set  of  XML 
integration  tools,  to  put  a  software- 
based  “wrapper”  around  all  of  its  Ad- 
abas  data  and  programs  written  in 
Software  AG’s  Natural  programming 
language.  This  allowed  mainframe  data 
to  be  passed  to  the  new  Java-based 
Web  system.  “What  the  Entire  X  pack¬ 
age  does  is  take  existing  Natural  code 
and  repackage  it  in  different  formats,” 
Friedman  explains. 

As  for  resources,  it  took  two  develop¬ 
ers  —  a  Java  developer  and  an  Entire  X 
expert,  both  from  the  city’s  central  De¬ 
partment  of  Information,  Technology 
and  Telecommunications  —  less  than 
six  months  to  come  up  with  a  proof-of- 
concept  Web  site  that  recorded  10,800 
hits  on  its  first  day  last  December.  Today 
the  site  is  recording  135,000  hits  daily. 

What’s  more,  the  Buildings  Depart¬ 
ment’s  IT  staff  of  experienced  Natural 
developers  can  maintain  the  depart¬ 
ment’s  legacy  programs,  something 
that  Friedman  calls  a  “tremendous  sav¬ 
ings.  We  didn’t  have  to  throw  every¬ 
thing  out  and  start  from  scratch.  We 
could  use  existing  business  logic,  plus 
make  a  nice  front  end  and  put  it  all  on 
the  Web,”  he  says. 

Another  benefit  Friedman 
anticipates  is  an  improve¬ 
ment  in  internal  employee 
efficiency,  thanks  to  a  separate 
upgrade  that  will  make  the 
Adabas  database  SQL-com¬ 
pliant  and  thus  available  to 
other  PC-based  applications. 

This  will  make  mainframe 
data  directly  available  to  em¬ 
ployees,  who  now  need  to 
have  the  IT  staff  translate  it 
into  a  format  that  they  can 


New  York  City 
Department  of 
Buildings 

MISSION:  To  “ensure  the  safe  and  lawful 
use  of  buildings  and  properties  by  enforcing 
the  building  code"  and  zoning  rules. 

BUDGET  (FISCAL  2002): 

■  Expenditures:  $56.23  million 

■  Revenue:  $77.5  million 

ft'"*1  V  y  ■  *:  >■  T  i*  v  v  ^.Jr  ~  A  *  T  .  iV  -■ 

TASKS:  Reviews  and  approves  plans  for 
proposed  construction,  alteration  and  use 
of  buildings.  Inspects  construction  work  in 
progress  and  performs  final  inspections  for 
occupancy  permits.  Investigates  com¬ 
plaints  regarding  the  structural  integrity  of 
buildings.  Approves  sewer  connections 
and  builders’  pavement  plans. 

SOURCE:  WWW.NYC.eOV/HTML/DOB/HOME.HTML 

download  into  various  reporting  and 
spreadsheet  programs. 

In  the  corporate  arena,  Web-enabling 
mainframe  systems  is  neither  new  nor 
rocket  science.  “The  real  novelty  here 
is  that  this  is  a  big  municipal  user,” 
notes  Uttam  Narsu,  an  analyst  at  Giga 
Information  Group  Inc. 

“At  government  agencies  at  the  city, 
state  and  federal  levels,  there  is  so 
much  siloed  information  locked  up  in  a 
variety  of  systems.  But  they  don’t  have 
the  luxury  that  big  corporations  have” 
to  scrap  systems  and  buy  expensive 
new  ones,  Narsu  says.  “They  are  essen¬ 
tially  stuck  with  what  they’ve  got,  and 
they  have  to  figure  out  ways  to  lever¬ 
age  that  information.” 

Friedman  says  the  next  step  for  the 
Web  site  is  enabling  users  to  file  per¬ 
mit  applications,  plans  and  other  doc¬ 
uments  with  the  department.  This 
would  require  the  ability  to  accept 
computer-aided  design  and  graphics 
files.  The  city  would  also  need  to  es¬ 
tablish  a  means  of  collecting  filing  fees 
electronically  or  processing  credit  card 
payments,  which  it’s  expected  to  do  in 
the  next  few  months,  Friedman  says. 

The  Buildings  Department  is  also 
studying  long-term  strate¬ 
gies,  such  as  using  Adabas 
as  a  repository  and  integrat¬ 
ing  other  third-party  soft¬ 
ware  applications,  or  replac¬ 
ing  the  entire  system  with 
a  commercial  Web-based 
system. 

In  the  meantime,  Friedman 
says,  “just  being  able  to  take 
a  legacy  system  and  with 
minimal  effort  put  it  on  the 
Web  is  tremendous.”  • 


“We 


didn’t  have  to  throw 
everything  out  and 
start  from  scratch.” 
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Thrift  Thrives 
OnLowTech 


Ultraefficient  Washington 
Federal  does  just  fine  with¬ 
out  the  latest  technologies. 

By  Connie  Winkler 


IT’S  one  of  the  west’s  fastest-growing  sav¬ 
ings  and  loans,  with  119  branches  in  eight 
states  and  $7.4  billion  in  assets.  Yet  it  owns 
no  automated  teller  machines.  It  has  no 
online  banking.  No  voice  mail.  No  “press  3” 
automated  phone  system.  Typewriters  still 
sit  on  desks  at  headquarters,  and  there  are 
only  five  Internet-connected  PCs. 

So,  how  does  this  business  survive? 

Superbly,  says  Washington  Federal  Savings  and 
Loan  Association  in  Seattle,  which  last  year  reported 
record  earnings  of  $144  million,  a  27%  increase  over 
fiscal  2001.  At  a  time  when  critics  are  questioning 
the  value  of  IT,  Washington  Federal  seems  to  be 
proving  those  contrarians  right:  Less  is  more. 

Washington  Federal  keeps  its  technology  spending 
down  to  1%  of  its  annual  operating  expenses  and  has 
a  1980s-style  IT  department  of  seven. 

“We  say,  ‘Don’t  spend  a  dollar  when  a  dime  will 
do,’  ”  says  Roy  M.  Whitehead,  president  and  CEO. 

Whitehead  boasts  that  Washington  Federal  has  the 
best  efficiency  ratio  in  the  thrift  industry:  18%,  com¬ 
pared  with  the  industry  average  of  45%.  That  means 
that  while  other  thrifts  spend  45  cents  to  produce  $1 
of  net  revenue,  Washington  Federal  spends  18  cents 
(including  the  1  cent  for  IT)  to  earn  a  buck. 

“We  measure  any  investment  —  whether  in  peo¬ 
ple,  in  brick  and  mortar,  or  technology  —  relative  to 
the  impact  it  will  have  on  our  efficiency  ratio,”  says 
Whitehead. 

‘High-Touch’  Service 

One  reason  Washington  Federal  can  spend  so  little 
on  IT  is  that  it  has  a  simple,  low-tech  collection  of 
services:  passbook  savings,  certificates  of  deposit, 
money  market  accounts,  interest-bearing  checking 
accounts  and  Fixed-rate  home  mortgages. 

“We  use  technology  when  it  allows  us  to  deliver  a 
higher  level  of  customer  service  more  profitably,” 
Whitehead  says.  “Flowever,  our  customer  base  is  one 
that  is  older  and  probably  longing  for  ‘high-touch’ 
levels  of  service  that  they  can’t  get  at  other  institu¬ 
tions,  which  seem  focused  on  delivering  product  at 
the  lowest  per-unit  transaction  cost.” 


So  Washington  Federal  employees  answer  their 
own  phones.  And  if  they  don’t  use  typewriters,  they 
use  the  WordPad  applet  that  comes  free  with  Micro¬ 
soft  Windows  98.  The  company’s  Web  site  provides 
customer  and  investor  information,  with  a  single 
e-mail  contact  for  inquiries. 

“The  whole  concept  of  not  having  a  high-tech  en¬ 
vironment  isn’t  particularly  new,  but  it  seems  [Wash¬ 
ington  Federal  has]  raised  it  to  an  art  form,”  says 
Jerry  Silva,  an  analyst  at  Needham,  Mass.-based 
TowerGroup. 

So,  what  does  Washington  Federal’s  IT  chief  think 
of  this  low-tech  operation?  “You  really  have  to  let  go 
of  anything  that’s  ‘cool’  or  ‘gee  whiz’  or  ‘would  this 
be  great,’  ”  says  Terry  O.  Permenter,  manager  of  in¬ 
formation  systems.  “And  you  have  to  say,  ‘What  real¬ 
ly  makes  sense  for  the  bottom  line?’  Sometimes  that’s 
frustrating,  because  that  ‘cool,  gee-whiz’  stuff  is  pret¬ 
ty  fun.  The  discipline  of  our  business  model  is  pretty 
powerful.”  Permenter  started  working  at  the  thrift  as 
a  programmer  21  years  ago.  “I  am  very  proud  of 
Washington  Federal,”  he  says.  “We  are  so  off-the- 
chart  that  people  have  a  hard  time  believing  it.” 

Whitehead  acknowledges  that  technology  pro¬ 
duces  efficiencies  and  increases  productivity  in 
many  environments;  he  joined  Washington  Federal 
in  1998  from  high-tech  Wells  Fargo  &  Co. 

“On  the  other  hand,  we  have  a  very  simple  busi¬ 
ness,  and  the  key  to  our  profitability  is  our  efficien¬ 
cy,”  he  says.  “A  simple  business  requires  a  simple 
technology  platform.” 

Sometimes,  however,  even  Washington  Federal  has 
to  upgrade  its  systems.  Two  years  ago,  the  company 
decided  that  it  needed  to  upgrade  the  teller  hardware 
and  software  that’s  connected  to  its  20-year-old 
core  banking  system. 


Off  the  Chart 
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At  Washington  Federal,  where  “high  touch”  is  more 
important  than  high  tech,  customers  still  get  old- 
fashioned  account  record  books  such  as  the  one 
above  for  passbook  savings. 


Why?  Because  it  was  no  longer  possible  to  find 
parts  to  repair  the  old  teller  PCs,  which  used  the 
ancient  Z80  chip  and  CP/M  operating  system.  The 
last  units  Washington  Federal  had  acquired  were 
bought  by  the  pound  as  scrap  and  refurbished, 
Permenter  explains. 

So  in  November  2001,  the  company  installed  a  new 
teller  and  branch-automation  system  from  Bench¬ 
mark  Data  Corp.  in  Roswell,  Ga.,  which  was  willing 
to  scale  down  and  simplify  the  system  to  meet  Wash¬ 
ington  Federal’s  need  for  speedy  customer  service. 

Homegrown  Cobol  Rules 

Washington  Federal  didn’t  want  to  replace  its  core 
banking  system,  though,  so  it  was  pleased  to  find  that 
the  Benchmark  system  was  compatible  with  it,  re¬ 
calls  Permenter.  The  banking  system  runs  on  a 
Hewlett-Packard  Co.  fault-tolerant  S76  server  with 
homegrown  code  that  was  written  in  Cobol  in  the 
late  1970s.  “Things  like  Java  and  XML  get  a  lot  of 
press,  but  most  of  the  world’s  real  business  still  hap¬ 
pens  in  Cobol,  and  I  suspect  it  will  after  I  retire,” 
Permenter  says. 

When  it  comes  to  advanced  technology  such  as 
the  automated  credit-scoring  models  used  by  other 
fmancial  institutions,  Whitehead  remains  suspicious. 
He  notes  that  Washington  Federal’s  mortgage  delin¬ 
quency  rate  is  0.77%,  compared  with  the  industry 
average  of  3.4%. 

“Looking  at  those  numbers  causes  me  to  wonder 
over  the  long  haul  how  effective  that  technology  will 
be  in  managing  risk,”  says  Whitehead.  “Technology 
is  a  wonderful  thing  if  it  works.  But  if  it  doesn’t  work 
and  it’s  widely  applied  in  society  or  an  industry,  it 
can  lead  us  all  right  off  a  cliff.” » 


Winkler  is  a  freelance  writer  in  Seattle.  She  can  be 
reached  at  winklerconnie@yahoo.com. 
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Including 


Jupiter  Research 

SYMPOSIUM 


A  Week  of  Professional  Development  &  Insight 


6  Keynote  Addresses  S.  5  Tracks: 

Vertical  Markets 
Covered  Include: 

■  Mobility 

■  Enterprise 
Applications 

■  Security 

■  Network 
Management 

■  Linux/Open  Source 

■  Storage 

■  Hardware 

■  Web  Services 

■  Application 
Development 

■  Convergence 


Jupiter  Research.  Integrated  Views,  Enterprise  Technology, 
s  y  m  p  o  b  i  u  m  Encj  User  Technology,  Access  &  Applications. 


Developers:  Utility  Computing,  Longhorn,  Security,  Encryption, 
□pen  Source,  Linux  Desktops,  Semantic  Web,  Data  Mining, 
Content  Delivery  Networks,  Digital  Rights  Mgmt.  and  more. 


Web  Services:  .NET  Framework,  C#  and  J#,  J2EE,  JMX, 
Websphere,  RSS  Feeds,  SOAP  and  UDDI,  WSDL,  .NET  Remoting, 
VoiceXML/SALT  and  more. 


Hardware  &  Systems  Networked  Storage,  DVD-R W,  Gigabit 
Ethernet,  Mesh  Networks,  Voice  Over  IP,  802.1  lx  Networks, 
RF  ID  Tagging  and  more. 


Enterprise  Executive:  IT  Management  Forum,  ROI  for  the  CTO, 
Human  Capital  Management,  Best  Practices  in  New  IT  and  more. 


Media  Sponsors 


internet.com 


0EARTHWEB.COM* 
Analyst  Sponsor 

Jupiterresearch. 


Exhibit/Sponsor 
Opportunities: 
Online  or  Sean  Moriarty  at 

smoriarty@jupitermedia.com 
or  (203)  662-2822 


Registration: 

Online  or  Lillian  Potter  at 

registration@jupitermedia.com 
or  (203)  662-2857 


For  a  complete  listing  of  speakers,  session  descriptions,  sponsors, 
and  exhibitors,  or  to  register,  visit  the  event  Web  site  at 


►  Register  now  &  save! 


EnterariseM week.com 
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Reality  bites,  but  IT  managers  need  to 
infuse  more  of  it  into  project  planning. 


IT  projects  fail  be¬ 
cause  managers  kid 
themselves  from  the 
start  about  their 
chances  of  success. 
That’s  the  message 
DAN  LOVALLO  and 
Daniel  Kahneman  de¬ 
liver  in  the  July  issue 
of  Harvard  Business 
Review.  When  fore¬ 
casting  the  outcome  of 
a  risky  project,  they  say,  decision-makers 
become  swept  up  by  a  “delusional  opti¬ 
mism.”  Rather  than  rationally  weighing 
pluses  and  minuses,  they  “spin  scenarios 
of  success”  while  overlooking  risks,  ac¬ 
cording  to  Lovallo  and  Kahneman. 

Lovallo,  a  senior  lecturer  at  the  Aus¬ 
tralian  Graduate  School  of  Management 
at  the  University  of  New  South  Wales, 
told  Kathleen  Melymuka  how  IT  leaders 
can  curb  their  enthusiasm  and  inject 
realism  into  project  forecasting. 

What  makes  IT  leaders  overly  optimistic 
about  a  project’s  chance  of  success?  Peo¬ 
ple’s  natural  inclination  is  to  be  opti¬ 
mistic.  One  of  the  most  ubiquitous 
findings  in  social  psychology  is  the 
above-average  effect.  When  people  are 
asked  how  they  compare  to  peers  in  all 
kinds  of  areas,  almost  nobody  thinks 
they’re  below  the  mean,  which,  of 
course,  is  logically  not  possible. 

What  is  “anchoring,**  and  how  might  it  lead 
to  overoptimism  in  an  IT  project?  In  an  IT 

project,  typically  the  initial  plans  are 
really  realistic  best-case  scenarios.  If 
you  remain  anchored  to  those,  any  ad¬ 
justment  away  from  that  is  unlikely  to 
get  far  enough  away  to  get  to  realism. 


In  today’s  economic  environment,  does  the 
organizational  pressure  for  ROI  magnify  the 
tendency  to  be  overly  optimistic?  Optimism 
is  pretty  consistent,  but  the  greater  the 
organizational  pressure,  the  more  like¬ 
ly  you  are  to  get  skewed  forecasts. 
When  an  organization  puts  a  lot  of 
pressure  on  people  to  come  up  with 
some  sort  of  very  optimistic  ROI  num¬ 
ber,  they’ll  get  the  number  because 
they’re  engineering  optimism. 

You  say  managers  are  also  prone  to  the  “illu¬ 
sion  that  they  are  in  control.”  Can  you  ex¬ 
plain?  Managers  don’t  see  themselves 
as  gambling  or  taking  risks.  They’re 
very  proactive  in  trying  to  remove  all 
risk  in  the  environment.  Frequently 
they  won’t  even  acknowledge  that  a 
large  degree  of  risk  is  still  left.  When  a 
manager  has  a  plan,  he  almost  always 
overestimates  his  degree  of  control. 

Many  IT  project  managers  use  scenario  plan¬ 
ning  to  mitigate  risk.  Isn’t  that  effective?  It 

could  be,  and  it’s  good  that  they  do  it. 
The  problem  is  that  it’s  hard  to  think  of 
all  the  things  that  might  go  wrong.  It’s 
easy  to  think  about  how  you  could 
complete  the  plan,  and  that  may  even 
be  the  most  likely  scenario,  but  it  still 
doesn’t  mean  it’s  very  likely.  So  many 
things  can  go  wrong.  Better  to  look  at 
what’s  happened  in  the  past  with  other 
IT  projects  as  a  guide  to  what’s  going 
to  happen  in  the  future. 

And  that’s  what  you  call  the  “outside  view”? 

When  you  take  an  outside  view,  you 
look  at  a  reference  class  of  similar 
projects,  both  in  your  organization  and 
outside.  Then  you  look  at  how  much 
they  spent  relative  to  their  initial  esti¬ 


mates,  how  much  time  it  took  relative 
to  what  they  initially  thought.  Then  you 
ask,  “How  does  our  project  differ  from 
these?”  You  determine  your  place  in 
that  class.  Out  of  that  come  forecasts 
that  are  likely  to  be  more  realistic. 

How  difficult  is  it  to  get  this  outside  data?  If 

you’re  an  IT  manager,  it  shouldn’t  be 
hard  to  get  this  information  from  in¬ 
side  your  firm,  and  it  also  tells  people 
what  type  of  data  they  should  be 
recording  for  the  future.  For  outside 


Reality  Check 

In  their  Harvard  Business  ffevrewartide, 
Dan  Lovallo  and  Daniel  Kahneman  say 
IT  project  managers  should  compare 
their  proposed  projects  with  similar  ones 
that  have  been  done  before.  Here’s  how: 

Select  a  reference  class  of  projects 
based  on  characteristics  (content, 
resources,  budget,  time  con¬ 
straints)  that  will  help  you  assess 
your  own  project’s  chances. 

Document  the  outcomes  of  the  ref¬ 
erence-class  projects  and  plot  them 
as  a  distribution,  shewing  extremes, 
the  median  and  any  clusters. 

Intuitively  predict  where  your  proj¬ 
ect  would  fall  in  the  distribution. 

Assess  the  reliability  of  your  pre¬ 
diction  based  on  an  objective  as¬ 
sessment  of  how  well  your  past 
predictions  have  matched  actual 
outcomes. 

Adjust  your  initial  prediction,  which 
was  likely  too  optimistic.  The  less 
reliable  your  predictions  have  been 
in  the  past,  the  more  you  should 
adjust  your  prediction  downward. 


data,  consultants  like  [McKinsey  & 

Co.]  are  good  at  helping  firms  get  this. 
This  is  a  place  where  there’s  room  for 
firms  to  cooperate  and  there’s  a  role  for 
industry  groups  in  trying  to  help  them 
figure  out  how  not  to  waste  money. 

If  I  temper  my  overoptimism  about  my  pro¬ 
posed  project,  won't  I  lose  funding  to  a  more 
optimistic  competing  project?  It’s  difficult. 
The  change  has  to  come  from  the  top 
of  the  organization.  There  has  to  be  a 
policy  and  a  process  that  asks  people 
to  back  things  up  based  on  facts. 

if  I  do  get  funded,  wouldn’t  the  more  nega¬ 
tive  outside  view  destroy  my  project  team’s 
ability  to  stay  “up”  and  enthusiastic?  Here’s 
where  it’s  important  to  draw  a  distinc¬ 
tion  between  decision  and  action.  You 
want  the  outside  view  when  you’re 
making  the  decision;  when  you’re  tak¬ 
ing  action,  let  the  optimism  seep  in. 

What  if  my  team  and  our  processes  really 
are  better  than  those  in  the  outside  projects 
cited?  You  would  have  reasons  to  say 
why  they  are  better,  and  those  reasons 
should  be  based  on  objective  predic¬ 
tors  of  success:  the  experience  of  the 
team,  how  well  the  organization  has 
done  in  the  past,  how  much  money  is 
behind  it.  If,  based  on  this,  you  figure 
you’re  in  the  95th  percentile  of  the  dis¬ 
tribution,  then  you’ve  got  a  reason  to 
say  that. 

What  if  I’m  planning  a  unique  project  or 
working  with  new  technology  that  really  has 
no  track  record?  This  has  never  hap¬ 
pened.  It’s  the  first  time  for  you,  but 
it’s  not  the  first  time  somebody  tried  to 
install  a  new  IT  system  with  a  new 
technology.  So  your  reference  class  in¬ 
cludes  projects  with  new  technologies 
never  used  before. 

What  if  my  inside  view  is  great  and  the  out¬ 
side  view  predicts  failure?  Do  I  trust  the  ex¬ 
perience  of  outsiders  more  than  the  projec¬ 
tions  of  my  colleagues?  The  outside  view 
is  an  objective  statistical  view.  If  that 
suggests  that  you’re  going  to  fail,  but 
the  inside-view  forecasts  suggest  you’ll 
succeed,  it’s  time  to  take  a  step  back 
and  re-evaluate  the  project  and  possi¬ 
bly  call  it  quits.  The  outside  view  is 
much,  much  more  likely  to  be  accurate 
than  the  inside  view.  I 


Melymuka  is  a  Computerworld 
contributing  writer.  You  can  contact 
her  at  kmelymuka@yahoo.com. 


This  is  the  latest  in  a  series  of  monthly  discus¬ 
sions  with  Harvard  Business  Review  authors  on 
topics  of  interest  to  IT  managers. 


phere  software 


See  old  apps  combine  with  new  apps. 
See  customers  connect  with  partners. 
See  today’s  stuff  click  with  tomorrow’s 


WebSphere  Business  Integration  is  far  nd  awav  the  leading  integration  software  for  the  on  demand 
era.  Open  and  flexible,  WebSphere  lets  you  model,  integrate  and  manage  all  of  your  business 
processes.  WebSphere  delivers  an  infrastructure  that  quickly  responds  to  change,  meeting  business 
demands,  on  demand.  For  an  Integration  InfoKit  and  case  studies,  visit  ibm.com/websphere/seeit 


or  trademarks  of  lMtem.iiiim.il  Business  Machines  Corporation  in  the  United  Stales  and/or  other 
Mlprfeen  Study  Appln  ,itnm  Integration  Executive  Summary  2003."  2003  WinterGreen  Research.  Inc 


IBM.  WebSphere,  the  e-business  logo  and  e-business  on  demand  are  registered  tradema 
countries  Certain  information  contained  within  this  advertisement  is  based  on  results  ol  the  W 
S  2003  IBM  Corporation.  All  rights  reserved. 
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Orbitz  Appoints 
Hjelm  as  CTO 

|  Orbitz  LLC  has 
1  named  Christo- 
HjmU  pher  Hjelm  as 
\  /t*  chief  technology 

^  officer,  replacing 

BA  Alex  Zoghlln, 
who  stepped 
down  in  April. 
Hjelm  has  nearly 

20  years  of  experience  as  a  tech¬ 
nology  executive  and  will  lead  the 
Chicago-based  company’s  technol¬ 
ogy  strategies,  engineering,  archi¬ 
tecture  and  site  operations. 

Before  joining  Orbitz,  Hjelm  was 
senior  vice  president  for  technology 
at  eBay  Inc.  He  brings  airline  and 
hospitality  experience  from  14  years 
as  CIO  at  FedEx  Corp.  and  his  role 
as  CEO  of  Zoho  Corp.,  a  start-up  in 
Sunnyvale,  Calif.,  offering  an  e-pro¬ 
curement  and  financial  system  for 
the  hospitality  industry. 


Survey  Shows  Web 
Services  Kicking  In 

The  results  of  a  survey  conducted 
earlier  this  year  by  Cutter  Consor¬ 
tium  show  that  companies  are 
adopting  Web  services  technology 
at  a  rapid  pace.  According  to  240 
respondents,  30%  are  developing 
production  applications,  23%  are 
prototyping,  16%  are  gathering  in¬ 
formation,  15%  are  evaluating,  and 
13%  are  already  running  business- 
critical  applications.  Other  survey 
highlights  include  the  following: 

■  Independent  platforms  and 
flexibility  were  the  most  popular 
reasons  for  using  Web  services. 

■  Security,  complexity  and  imma¬ 
ture  standards,  and  a  lack  of  shared 
vocabularies  were  considered  the 
three  greatest  obstacles. 

■  Compatibility  problems  with 
other  companies  or  internal  groups 
have  been  low,  with  47%  of  respon¬ 
dents  reporting  no  problems  and 
41%  reporting  only  slight  difficulty; 
12%  have  had  serious  difficulty. 

»  Four  of  the  most  popular 
servers  used  to  deploy  Web  services 
were  Microsoft  .Net  (39%),  IBM 
WebSphere  (28%),  BEA  WebLogic 
(24%)  and  Sun  Open  Net  Environ¬ 
ment  (20%). 
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BART  PERKINS 

Oracle,  PeopleSoft 

And  You 


IF  YOUR  STRATEGIC  SUPPLIER  is  the  victim  of  a 
hostile  takeover,  who  worries  about  your  inter¬ 
ests?  Oracle’s  recent  offer  for  PeopleSoft  high¬ 
lights  industry  consolidation  issues.  As  part  of 
the  proposed  takeover,  Larry  Ellison  has  threat¬ 
ened  to  stop  supporting  PeopleSoft  applications,  leav¬ 
ing  PeopleSoft  users  adrift.  PeopleSoft  responded  with 
a  poison  pill,  offering  to  refund  twice  its  license  fee  if 


it  is  acquired  and  the  new 
owner  drops  support  for 
PeopleSoft  applications 
within  two  years  [Quick- 
link  39343].  Today,  virtually 
every  CIO  is  worried  that 
a  strategic  supplier  will  be 
taken  over  and  that  support 
will  slip. 

What  can  be  done?  I  con¬ 
ducted  an  informal  survey 
of  IT  buyers.  Many  sug¬ 
gested  escrowing  source 
code  as  protection.  With 
smaller  software  suppliers, 
contracts  often  give  the 
buyer  rights  to  the  source 
code  if  the  seller  goes  out 
of  business  or  abandons 
the  software.  However,  very  few  soft¬ 
ware  companies  will  actually  allow  the 
source  code  to  be  released  in  the  event 
of  a  takeover.  Even  with  intellectual 
property  protection,  doing  so  would 
significantly  lower  the  company’s  val¬ 
ue.  With  large  software  suppliers,  es¬ 
crow  clauses  are  rare,  and  they  don’t 
do  the  buyer  much  good  anyway.  Few 
buyers  can  afford  or  have  the  skills  to 
maintain  the  source  code  for  applica¬ 
tions  the  size  of  PeopleSoft’s. 

Buyers  sometimes  ask  for  contract 
clauses  allowing  them  to  terminate 
their  contracts  or  receive  refunds 
in  the  event  of  a  takeover.  In  general, 
these  provide  minimal  benefit.  When 


you  implement  new  soft¬ 
ware,  you  generally  change 
your  business  processes. 
Even  if  you  get  your  mon¬ 
ey  back,  you  still  have  to 
go  through  the  pain  and 
expense  of  a  second  imple¬ 
mentation,  not  to  mention 
the  time  and  effort  re¬ 
quired  to  select,  educate 
and  build  a  relationship 
with  a  new  supplier. 

Unfortunately,  it’s  too 
late  for  PeopleSoft  users  to 
start  protecting  themselves 
from  the  possible  Oracle 
takeover.  However,  the 
episode  emphasizes  the 
importance  of  anticipating 
similar  situations.  In  future  sourcing 
decisions,  you  can  do  the  following: 

■  Streamline  your  architecture.  Design  the 
architecture  with  ease  of  substitution 
in  mind  —  use  standard  interfaces  and 
commodity  products  where  possible. 

■  Conduct  your  due  diligence  thoroughly. 
Part  of  your  evaluation  should  focus 
on  supplier  viability  and  business 
strategy.  Is  the  supplier’s  management 
team  involved,  committed  and  hungry? 
Is  the  company  making  money?  Does 
it  have  enough  cash  to  continue  in¬ 
vesting  in  the  product  if  sales  decline? 
Does  its  business  strategy  meet  your 
goals?  How  will  its  future  product  line 
affect  your  architecture? 


*  Put  all  vendor  commitments  into  the  con¬ 
tract.  Contractual  agreements  must  be 
honored,  even  in  takeovers.  Include  ex¬ 
plicit  performance  and  service  guaran¬ 
tees,  covering  things  like  response 
time.  (One  CIO  purchased  new  soft¬ 
ware  only  to  find  that  “nightly  process¬ 
ing”  took  four  days.)  Demand  product 
support  for  a  specified  length  of  time. 

■  Increase  your  breadth  of  knowledge.  In¬ 
dustry  futurist  and  Compute rv^or Id 
columnist  Thornton  May  has  studied 
CIO  communications  and  concluded 
that  CIOs  “need  to  get  out  more.” 

They  spend  less  than  9%  of  their  time 
talking  to  industry  analysts,  other 
CIOs,  journalists  and  their  company’s 
customers.  You  must  stay  current. 
Read  the  trade  press.  Attend  confer¬ 
ences.  Talk  to  peers  and  customers. 

■  Consider  buying  through  an  industry  con¬ 
sortium.  Buying  groups  can  leverage 
aggregated  demand  and  swing  the  bal¬ 
ance  of  power  away  from  the  supplier. 

■  Volunteer  for  the  supplier’s  advisory  board. 
Even  better,  get  your  business  execu¬ 
tive  sponsor  to  volunteer.  If  the  soft¬ 
ware  company  is  acquired,  the  acquir¬ 
er  will  usually  ask  the  advisory  board 
for  help  keeping  existing  customers. 

■  Above  all,  develop  solid  contingency  plans. 
Have  a  backup  for  every  strategic  sup¬ 
plier,  no  matter  how  solid  it  seems. 
Microsoft  and  IBM  have  enough  spare 
cash  to  make  any  other  vendor  vulner¬ 
able  to  an  acquisition! 

It’s  difficult  to  protect  yourself  in 
the  middle  of  a  takeover.  The  best  you 
can  do  is  to  be  proactive:  Streamline 
your  architecture,  write  a  tight  con¬ 
tract,  and  stay  on  top  of  industry 
trends.  You  can’t  prevent  supplier 
takeovers,  but  you  can  minimize 
the  effect  on  your  IT  organization.  I 


WANT  OUR  OPINION? 

©For  more  columns  and  links  to  our  archives,  go  to 
www.compiiterworld.com/opinions 
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From  the  leader  in  collaboration,  a  new  way  to  do  business  that  increases  responsiveness  and  simplifies 
access  to  people,  information  and  processes.  Lotus  Workplace  delivers  wide-scale  collaboration  for  everyone 
in  your  workforce.:  Openly:  Flexibly.  Affordably,  With  business  results  on  demand.  To  learn  more  about  the 
first  Workplace  offering1,  see  our  demo  of  Lotus  Workplace  Messaging  at  ibm.com/lotus/seeworkplace 
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Advertising  Supplement 

IT  Careers:  Look  for  Certification  Training 
with  Hands-On  Component 


Thousands  of  certification  courses  are  offered  to  IT 
professionals,  ranging  from  those  made  available  by 
companies  such  as  SAP  and  Microsoft  to  those  that 
address  some  critical  IT  need.  The  courses  are  designed  to 
provide  knowledge  and  to  provide  a  new  capability  that 
can  be  applied  back  at  work,  immediately. 

In  the  past  two  years,  as  the  IT  profession  has  been 
batted  about  like  a  bad  badminton  birdie,  enrollment  in 
certification  programs  has  dropped.  However,  certification 
programs  are  starting  to  see  an  upsurge,  along  with  efforts 
to  make  the  training  more  valuable. 

Among  the  trends:  more  hands-on,  facilitated  labs  to 
put  knowledge  to  work  and  more  curriculum  that  helps 
mid-level  managers  and  non-IT  people  increase  their  range 
of  skills.  A  third  trend  is  that  there's  more  blending 
between  on-line  instruction  and  instructor-  or  mentor-led 
instruction  in  the  project  management  end  of  skills, 
bringing  enrollees  more  value. 

Roland  Van  Liew,  president  of  HOTT  (Hands  On 
Technology  Transfer)  Inc.,  says  enrollment  for  his  hands-on 
focused  training  organization  has  doubled  in  the  past  year. 
"We  know  that  certifications  may  help  you  get  an 
interview,  but  they  aren't  going  to  help  you  get  and  keep  a 
job.  Only  competence  will  do  that,"  he  says. 

Originally  on-line  courses  and  certification  didn't 
include  hands-on  labs.  "I'd  say  80%  of  the  certification 
groups  have  changed  to  offer  a  program  that  shows 


participants  how  to  use  the  program  or  application  to 
solve  a  problem,"  says  Van  Liew.  "We  want  you  to  get 
more  than  a  highlight  of  features.  Yes,  we  want  you  to 
know  a  lot  about  JAVA  syntax,  but  more  important  is  that 
you  use  it  to  develop  a  site  that  is  usable." 


Thomson  NETg,  in  its  two-year  study  of  corporate 
learning,  found  that  a  blend  of  hands-on  labs  (known  as 
scenario-based  exercises)  with  mentor  and  on-line 
learning  with  appropriate  unit  tests,  produced  the  best 
results.  The  report,  Thomson's  Job  Impact  Study:  The  Next 
Generation  of  Corporate  Learning,  states  that  blended 
learning  with  the  hands-on,  facilitated  labs  improves 
accuracy  by  30%  and  speed  of  skill  acquisition  by  41  %. 

Van  Liew  says  that  certifications  supporting  open 
systems  are  among  the  most  popular.  "JAVA  is  burning  hot 
right  now,"  Van  Liew  says,  as  is  PHP.  Other  hot 
certifications  are  ASP,  CGI,  MCSC,  MCSD  and  MCSE.  There's 
been  a  major  increase  in  security  certification  offerings, 
including  a  major  uptick  for  the  SANS  (System 
Administrators,  Audit,  Network,  Security)  Institute,  which 
now  has  156,000  government  and  commercial 
participants.  Security,  however,  remains  a  small  portion  of 
the  overall  IT  population  looking  for  training. 


For  more  information  about  IT  Careers  advertising, 
please  contact: 

Nancy  Percival 

Vice  President,  Recruitment  Advertising 

800.762.2977 

500  Old  Connecticut  Path 

Framingham,  MA  01701 

Produced  by  Carole  R.  Hedden 


What  Does  IT  Mean  to  You? 


IT  Means  a  Lot. 

Information  technology  means 
protecting  your  network  from 
hackers. 

Information  technology  means 
building  a  dynamic  Web  site. 

Information  technology  means 
constructing  databases  that  help 
your  organization  meet  its 
mission. 

S' 


Whatever  information  technology 
means  to  you,  the  Graduate  School, 
USDA  can  help.  We  offer  high-quality 
and  affordable  IT  training  in 
state-of-the-art  computer  labs.  Our 
experienced  faculty  can  teach  you 
everything  you  need  to  achieve  your 
information  technology  goals. 


GRADUATE 

SCHOOL 


For  more  information  visit  our  Web  site 
at  www.grad.usda.gov  or  call  us  toll 
free  at  (888)  744-GRAD. 


Boston  University 

Project  Management 


If  you  want  to  bring  your 
projects  in  on  time  and  under 
budget,  you  really  need  to 
know  what  you're  doing  as 
a  project  manager.  Formal 
project  management  training 
is  important  to  build 
problem  solving,  people 
and  management  skills. 

1-800-BU-TRAIN 
www.  BU  train.com/pm 

MDP  26.4 


duj LL/i i  umvcDuy 

two-and-three  day  Seminars 
as  well  as  complete 
Certificate  Programs. 


Training  when  and  where  you 
want  it. 

Boston  University  has  a  network 
of  Education  Affiliates  offering 
programs  in  38  cities  throughout 
the  United  States,  Canada  and  Asia. 


BOSTON 

•  | 

UNIVERSITY 

u  1 

■  Project 
I  Management 
■Institute 
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Always  thinking... 

about  tomorrow 

We  live  in  a  world  of  exponential  change,  both  in  technology  and  scientific 
research.  The  National  Center  for  Supercomputing  Applications  (NCSA)  at  the 
University  of  Illinois  at  Urbana-Champaign  deploys  hardware  and  creates 
software  and  tools  to  enable  breakthrough  scientific  research  and  enhance 
national  competitiveness.  We  are  a  leader  in  defining  the  future's  high- 
performance  computing  infrastructure  for  scientists  and  society  and  we  are 
seeking  an  Associate  Director  who  will  provide  leadership  in  shaping  the  program 
direction  for  our  R&D  and  operation  efforts  in  data  and  information  management. 


Associate  Director  of  Data  and  Information  Management 

The  primary  function  of  this  position  is  to  lead,  support,  coordinate,  represent  and 
promote  activities  at  NCSA  that  focus  on  data  and  information  management  and 
data-intensive  applications  in  a  high-performance  computing  context.  This 
includes  groups  responsible  for  data  storage  and  file  systems,  I/O  middleware, 
data  models  and  formats,  I/O  performance  analysis,  scientific  databases,  and 
certain  data  intensive  applications.  We  will  rely  on  you  to  shape  a  research  and 
production  agenda;  identify  applications  with  the  national  user  community,  NSF’s 
Partnerships  for  Advanced  Computational  Infrastructure  (PACI)  and  TeraGrid 
projects,  and  industrial  and  government  partners;  seek  additional  funding 
sources;  create  reports;  and  coordinate  activities  with  other  divisions. 

A  bachelor's  degree  in  Computer  Science,  Engineering  or  related  field  is  required. 
Advanced  degree  preferred.  Significant  experience  in  data  and  information  is 
necessary,  as  is  3-5  years  experience  at  a  senior  managerial  level.  Other 
requirements  include:  5  years  experience  in  activities  associated  with  data  and 
information  management  in  a  high-performance  computing  environment; 
5  years  experience  managing  technical  personnel;  and  5  years  in  a  project 
management  role.  Strong  leadership  skills  will  be  critical  to  your  success. 

This  is  an  academic  professional  position  at  NCSA  and  is  a  12-month,  100%-time 
appointment  with  regular  University  benefits.  Salary  commensurate  with 
experience.  Starting  date  as  soon  as  possible  after  the  closing  date  of  the  search. 
To  ensure  full  consideration,  please  send  letter  of  application,  resume,  and  three 
letters  of  reference  referencing  Search  #8773,  by  e-mail  (preferably)  to: 
career@ncsa.uiuc.edu  [text  only]  by  July  2,  2003.  Interviews  may  be  conducted 
before  the  closing  date,  although  no  hiring  decisions  will  be  made  until  after  the 
search  has  closed.  Mail  to:  NCSA  Human  Resources,  Search  #8773, 1 52  Computing 
Applications  Building,  605  E.  Springfield  Avenue,  Champaign,  IL  61820. 
PH:  21 7-333-6085.  Fax:  21 7-244-9878. 


NCSA 


http://www.ncsa.uiuc.edu/About/NCSA/Employ/ 


The  University  of  Illinois  is  an  Affirmative  Action/Equal  Opportunity  Employer. 


NEED  TO  HIRE 
FAST? 

START  HERE 
FIRST! 

IT  Careers  and 
itcareers.com  reach 
more  than  2/3  of  all  US 
IT  professionals  every 
week. 

CHECK  US  OUT 
AT: 

www.itcareers.com 


Looking  for  an  online  degree 
in  the  strategic  management 
of  information  and  technology? 

UNIVERSITY  OF  OREGON 

Applied  Information  Management 
Master’s  Degree  Program  (IS:AIM) 


Offering  a  comprehensive 
curriculum  with  courses  in 
information  management, 
information  design,  business 
management,  and  applied  university 

research  since  1986.  OF  OREGON 


www.aimdegree.com  (800)  824-2714 


aim@continue.uoregon.edu 


IT  Certificate  Programs 


IS  Project  Management  Program 

A  10-week  comprehensive  program  covering  current  best  practices  in  information  systems  project 
management.  Topics:  system  development  methodologies;  CASE  tools;  project  management  soft¬ 
ware;  organizing  and  staffing  the  project  team;  conflict  resolution  techniques;  negotiation  skills;  man¬ 
agement  functions  and  tools;  planning,  integrating  and  executing  plans;  network  scheduling  tech¬ 
niques;  forecasting  and  estimation;  project  control;  risk  management;  quality  management;  user  train¬ 
ing;  test  plans;  unit,  integration  and  system  testing;  project  post-mortem;  maintenance;  version  con¬ 
trol;  contracts  and  procurement;  evaluation  tools. 

IP  Telephony  Program 

A  12-week  integrated  program  focusing  on  designing  and  implementing  fully  converged  IP 
telephony  networks.  Topics:  telecommunications  technology;  network  fundamentals;  systems  and 
network  design  and  implementation;  convergence  of  telecommunications  technologies;  voice  over  IP 
concepts  and  design;  voice/data  integration;  advanced  networks:  ATM,  DSL,  DWDM,  frame  relay, 
and  gigabit  Ethernet;  wireless  and  satellite  communications;  telecommunications  management. 

Local  Area  Networks  Program 

A  12-week  intensive  program  in  the  fundamentals  of  local  area  networks,  wide  area  networks,  and 
data  communications.  The  program  covers  a  wide  variety  of  network  configuration  and  management 
tasks  ranging  from  the  hardware  level  up  through  the  administration  of  Novell.  Windows  2003.  and 
UNIX  services.  Lectures  are  complemented  by  hands-on  work  in  a  state-of-the-art  laboratory  that 
emphasizes  common  administrative  tasks  including  web  servers,  firewalls,  network  security,  and 
enterprise  router  configuration. 

Network  Security  Program 

An  1 1  -week  intensive  program  in  the  fundamentals  of  network  security,  hosts  security,  and 
Information  Assurance.  The  program  covers  a  wide  variety  of  security  technologies  using 
configuration  and  management  tasks  ranging  from  the  setup  of  secured  servers,  firewalls  and  Virtual 
Private  Networks  (VPNs)  through  the  development  of  comprehensive  enterprise  security  architecture, 
security  policies  and  security  auditing  methods.  Lectures  are  complemented  by  hands-on  work  in  a 
state-of-the-art  laboratory  that  emphasizes  essential  network  security  tasks  using  Cisco,  Checkpoint. 
Microsoft,  ISS,  RSA,  Linux  and  Open-Source  products  and  tools. 

Standards-Based  Web  Design  Program 

A  7-week  comprehensive  program  covering  current  best  practices  in  web  design  based  on  new  mark¬ 
up,  presentation,  and  accessibility  standards.  Topics:  XHTML;  CSS;  DHTML;  separating  content 
from  presentation;  table-free  layouts;  designing  for  legacy  browsers;  Document  Type  Declaration: 
validation;  converting  existing  documents. 

Database  Technologies  Program 

A  12-week  comprehensive  program  covering  database  applications  development  and  administration 
using  Oracle.  Topics:  RDBMS  fundamentals;  E/R  modeling;  database  design  and  normalization: 

SQL;  PL/SQL;  triggers  and  stored  procedures:  Oracle  architecture;  database  administration;  network¬ 
ing;  backup  and  recovery;  Oracle  utilities;  Oracle  performance  tuning  and  optimization;  replication. 

J2EE  Developer  Program 

A  10-week  in-depth  program  covering  enteiprise-wide  applications  development  using  J2EE  for  pro¬ 
grammers.  Topics:  J2EE  architecture;  JDBC;  EJBs:  entity,  session,  and  message-driven  beans;  EJB 
containers;  network  programming;  JNDI;  RM1;  JMS;  servlets  and  JSP:  tag  libraries;  XML;  SAX, 
DOM,  and  JDOM;  SOAP  and  Web  services;  application  servers;  deployment;  life  cycle  maintenance; 
transactions;  security;  interfacing  with  legacy  applications. 

Java  Developer  Program 

A  10-week  comprehensive  program  covering  object-oriented  applications  development  using  Java  for 
programmers.  Topics:  Java  basics;  object-oriented  programming;  standard  Java  class  libraries;  JDBC; 
network  programming;  distributed  systems;  AWT  and  JFC/Swing;  Java  beans;  applets  and  servlets; 
Java  Virtual  Machine  (JVM);  security;  multi-threaded  programming;  RMI;  JMS;  XML. 

.NET  Developer  Program 

A  10-week  comprehensive  program  covering  .NET  technologies  for  programmers.  Topics:  .NET 
framework;  Common  Language  Runtime  (CLR);  Common  Language  Specification  (CLS);  Common 
Type  System  (CTS);  memory  management;  framework  libraries;  assemblies;  VS.NET;  VB.NET  lan¬ 
guage;  components;  C#  language;  structured  exception  handling;  ADO.NET;  COM/COM+  interoper¬ 
ability;  .NET  remoting;  XML  support;  WinForms;  versioning  and  Global  Assembly  Cache  (GAC); 
threading  models;  ASP.NET;  Web  Forms;  SOAP;  Web  services;  .NET  security. 

Web  Developer  Program 

A  10-week  in-depth  program  covering  the  technologies  and  techniques  of  Web  development  for 
programmers.  Topics:  HTML,  CSS  and  XML;  C#  and  .NET  environment;  ASP.NET;  HTTP;  Web 
servers;  CGI  programming  in  Perl;  JavaScript;  Web  services;  Java  Server  Pages;  securing  Web 
applications. 

For  more  information  by  phone:  (312)  362-6282 
by  fax  back:  (312)  362-6377 
by  Internet:  http://ipd.cti.depaul.edu/itc 


DePaul  University 


School  of  Computer  Science,  Telecommunications,  and  Information  Systems 
Institute  for  Professional  Development  243  S.  Wabash  Ave.,  #301  Chicago,  IL  60604-2302 
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IT  Professionals 

Consultant 

Design  applications  using  VB. 
NET,  application  architectures 
and  SQL  Server  databases  as 
well  as  document  requirements 
using  Rational  Requisite  Pro. 
Capture  system  requirement  us¬ 
ing  Case  Modeling.  Write  com¬ 
plex  pieces  of  VB  code  and 
other  codes.  Create  and  imple¬ 
ment  the  security  architecture  of 
systems  using  encrypted  cook¬ 
ies.  Create  websites  and  data¬ 
base  instances  utilizing  n-tier 
(client-server  and  web-based 
applications).  Responsible  for 
the  design,  construction,  mainte¬ 
nance  and  scheduling  of  forms 
and  reports  in  system  environ¬ 
ment  utilizing  Crystal  Reports  for 
projects.  Create  mockups  of 
reports  to  facilitate  Joint  Applica¬ 
tion  Development  Sessions/dis¬ 
cussions  and  suggest  changes 
to  the  layout  for  enhancement  of 
usage.  Manage  development 
process  and  validate  accuracy 
of  all  design  specification.  As¬ 
sist  developers  with  business 
logic  and  requirements  pertain¬ 
ing  to  the  forms  and  reports  and 
in  mapping  data  elements  on  the 
form  or  report  to  the  system  data 
model  ensuring  that  all  coding 
standards  are  followed.  Act  as  a 
liaison  between  the  test  team 
and  the  development  team  and 
participate  in  checking  all  forms 
and  reports,  reporting  related 
bugs  and  incidents,  classifying 
the  bugs  and  incidents  as 
change  requests  (enhance¬ 
ments)  or  real  incidents. 

WAGE:  $68, 000/year 

REQUIREMENTS: 

Bachelor's  degree  in  Computer 
Science,  Engineering  (any  type), 
Math,  Business  Administration 
or  Information  Systems  +  2 
years  exp.  in  the  job  offered  or  2 
years  exp.  as  a  Consultant,  Sys¬ 
tems  Analyst  or  Software  Engin¬ 
eer.  At  least  1  year  of  related 
experience  must  include  Visual 
Basic,  SQL  Server  Databases, 
Crystal  Reports,  N-tier  Applica¬ 
tions  (client-server  and  web 
based),  Rational  Requisitie  Pro 
and  Case  Modeling. 

Please  send  your  resume,  refer¬ 
encing  Job  Order  Number  WEB 
339264  to  the:  PA  Career 
Link/Job  Service,  Site  Adminis¬ 
trator,  Greene  County  Team  PA 
CareerLink  4  West  High  Street 
Waynesburg,  PA  15370-1324. 


Consultant  Software  Engineer  will 
architect,  design,  and  develop  com¬ 
plex  web-based  and  client/server 
applications  to  support  quantitative 
measurement  of  Company's  equity 
trading  operations.  Will  build  multi¬ 
layered  applications  to  compute 
trade  performance  data  for  use  by 
quantitative  analysts,  traders,  and 
fund  managers.  Will  design  and 
develop  applications  to  support  sta¬ 
tistical,  time  senes  and  other  quanti¬ 
tative  analysis  of  trading  and  mar¬ 
ket  data,  generated  in  equity  ex¬ 
changes  worldwide.  Will  work  with 
analysts,  traders,  and  vendors  to 
determine  the  reliability  of  third  party 
software  products  and  serve  as  key 
advisor  on  project  risk  assessment. 
Will  develop  tools  that  help  analysts 
study  historical  and  current  trends 
in  the  equity  trading  market  Will  act 
as  a  technical  resource  across  func¬ 
tional  organizations.  Will  extensively 
use  various  combinations  of  the  fol¬ 
lowing  technologies:  JAVA,  Oracle, 
Visual  Basic,  Visual  Basic  for  Appli¬ 
cations,  EJB,  JSP,  HTML,  RMI,  JNI, 
C++,  C.  CORBA,  S+,  COM.  PL/SQL 
UML,  Windows  NT,  and  UNIX  shell 
scripts.  Requires  Bachelors  or  equ¬ 
ivalent  in  Computer  Science,  Engin¬ 
eering,  Math,  or  Physics  and  three 
(3)  years  in  job  offered  OR  three  (3) 
years  experience  architecting,  de¬ 
signing.  and  developing  client/serv¬ 
er  and  web  based  applications. 
Candidate  must  also  possess  dem¬ 
onstrated  expertise  designing  and 
developing  multi-layered,  secure 
Internet  and  Intranet  applications 
using  various  combinations  of  JAVA, 
EJB.  and  HTML;  demonstrated  in- 
depth  knowledge  in  designing  and 
developing  n-tier  client/server  appli¬ 
cations  using  Visual  Basic,  and 
database  API's;  and  demonstrated 
expertise  in  object-oriented  pro¬ 
gramming  environment  using  third 
party  software  components  includ¬ 
ing  databases  and  middleware. 
Salary:  $90,500/yr,  M-F  9AM-5PM. 
Send  2  resumes  to  Case 
#200202263,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  fl,, 
Boston,  MA  02114.  EOE.  Applicants 
must  be  U  S.  workers  eligible  to 
accept  full-time  employment  in  U.S. 


Silicus  Technologies.  Inc.,  is  a  lead¬ 
ing  business  technology,  IT  sys¬ 
tems  integration  and  solutions  firm 
specializes  in  providing  customized 
business  technology  solutions  and 
services.  Our  company  currently 
has  openings  for  the  following: 

Business  Intelligence  Lead: 

Design  business  process  flow,  data 
models,  testing,  and  software  de¬ 
sign  specifications.  Process  busi¬ 
ness  reengineering,  technical  spec¬ 
ifications,  and  develop  project 
plans.  Facilitate  JAD  sessions  or 
GAP  analysis  sessions  with  users. 
Evaluate  new  business  initiatives 
and  implement  systems  solutions 
to  support  them.  Design  standard 
practices  and  procedures.  Experi¬ 
ence  in  systems  development  life 
cycle  methodology  using  COTS 
project  software,  SQL,  UML,  OO 
Design  principles,  J2EE,  RDBMS, 
web  development  (COM,  DCOM), 
client/server  architecture.  Need  2 
years  of  experience  in  related  field. 

Programmer  Analysts: 

Plan,  test  and  develop  Internet 
based  programs  for  ERP  pack¬ 
ages,  asset  management,  sales 
force  automation  and  E-commerce. 
Expertise  in  Integration  Technolo¬ 
gies  in  core  SAP  R/3  includes  ITS, 
EDI,  Workflow,  Business  Connect¬ 
or  and  Web  Application  Server. 
Design  and  develop  client-server 
applications  using  RDBMS,  VB, 
ASP,  VB  script,  JavaScript,  ADO, 
IIS,  Oracle  8i  and  AutoCAD.  Also 
utilized  Visio,  Biztalk,  Business 
Objects,  web  intelligence,  Erwin, 
Toad,  and  UNIX.  Requires  Bach¬ 
elor's  degree  in  Computer  Science 
or  Engineering  and  2  years  of 
experience. 

Send  resume  to:  Recruiter:  1201  N. 
Orange  Street,  Suite  7809, 
Wilmington,  DE  19801,  or  via  email 
to:  careers@silicus.com. 


Software  Engineer  (Charlotte,  NC) 

-  Part  of  core  development  team 
responsible  for  research,  design, 
development,  testing,  documenta¬ 
tion  and  maintenance  of  Websydi- 
an  and  Clipper  web-and  DOS 
based,  object-oriented  business 
applications  and  related  computer 
systems  in  AS/400  and  PC  LAN 
Windows  architecture  platform.  Ut¬ 
ilize  C++,  Java,  Visual  Basic,  Fox¬ 
Pro,  COOL  Plex  and  Crystal  Report 
on  IBM  Universal  Database,  SQL 
Server  and  DB/400.  Analyze  soft¬ 
ware  requirements  to  determine 
feasibility  of  design.  Consult  with 
hardware  engineers  to  evaluate  in¬ 
terface  between  hardware,  soft¬ 
ware.  operational  and  performance 
requirements  of  overall  system. 
Must  have  Bach,  deg.,  or  equiv., 
with  major  field  of  study  in  Comp. 
Sci.,  Info.  Systems  or  related  field 
and  4  yrs  exp.  in  job  offered,  or  4 
yrs  exp.  in  a  position  involving  busi¬ 
ness  applications  software  devel¬ 
opment.  Experience  mentioned 
may  have  been  obtained  concur¬ 
rently  and  must  include:  (i)  4  yrs. 
in  object  oriented  analysis,  design 
and  programming  in  a  PC  LAN 
Windows  architecture  platform;  (ii) 
4  yrs  exp.  in  COOL  Plex;  (iii)  4  yrs 
exp.  in  design  and  programming  in 
a  AS/400  environment;  (iv)  3  yrs 
exp.  each  in  IBM  Universal  Data¬ 
base,  SQL  Server,  and  DB/400;  (v) 
3  yrs  exp.  in  Crystal  Report  Tools; 
(vi)  2  yrs  exp.  in  web-based  soft¬ 
ware  development;  (vii)  2  yrs  exp. 
each  in  C++,  Java,  Visual  Basic, 
FoxPro  and  SQL;  and  (viii)  1  yr  exp. 
each  in  Websydian  and  Clipper. 
Must  have  legal  authority  to  work  in 
U.S.  Please  send  resume  to  CT 
Chu  (REF:SE),  Caraustar  Indus¬ 
tries,  Inc.,  443  South  Gardner  Ave., 
Charlotte,  NC  28208. 


PROGRAMMER  ANALYSTS 
for  Naperville,  IL  office.  Devel¬ 
op  &  maintain  software  appli¬ 
cations  using  Oracle,  SQL 
Server,  Erwin,  Linux,  Sybase, 
XML,  UML,  Interwoven,  Cool- 
gen,  ClearCase,  ClearQuest, 
Plumtree,  PVCS,  UNIX. 
Bachelors  Degree  reqrd  in 
Computers,  Engineering, 
Math  or  related  field  of  study  + 
2yrs  of  related  exp.  40  hrs/wk; 
Must  have  legal  authority  to 
work  permanently  in  the  U.S. 
Send  resume  to  HR  Manager, 
Globalways,  Inc,  39176  B, 
State  St,  Fremont,  CA  94538. 


Product  Specialist,  Technical  Sup¬ 
port:  Provide  hands-on  technical 
support  for  company  prospects  and 
customers  via  the  telephone,  such 
as  guidance  for  installing  and  using 
the  product,  or  troubleshooting  ac¬ 
tivities.  Stay  current  with  company 
software  functions  and  features 
and  with  alternative  products  in  the 
markets  the  company  serves.  Con¬ 
tinuously  update  information  about 
product  performance  in  customer 
installations.  Support  developers 
using  company  software  by  design¬ 
ing  programs  to  demonstrate,  test 
and  provide  quality  assurance. 
Support  customers  who  use  com¬ 
pany  software  developer  tools  to 
create  custom  application  or  data¬ 
base  drivers.  Keep  up-to-date  with 
versions  of  supported  operating 
systems,  database  management 
systems  and  network  transport  pro¬ 
tocols.  Maintain  website.  Require¬ 
ments  include  a  Master's  degree  or 
equivalent  in  Management  Sci¬ 
ence,  Information  Systems  or 
closely  related  field.  No  work  expe¬ 
rience  required.  Applicants  must 
have  unrestricted  authorization  to 
work  in  the  United  States.  Salary 
$60, 000/year.  40  hours/wk.  Re¬ 
spond  with  two  copies  of  resume  to 
Case  #200202721,  Labor  Ex¬ 
change  Office,  19  Staniford  St.,  1st 
FI.,  Boston,  MA  02114. 


Job  #  SA1 .  Systems  Analyst  for  in¬ 
tegration,  design,  programming, 
implementation  using  Oracle,  VB, 
Active  Reports,  ASP,  JavaScript, 
HTML.  PL/SQL,  Toad,  SQL  Server 
2000,  &  Visual  SourceSafe.  Mod¬ 
eling  using  ERWIN/Visio  2000.  Data 
Migration  &  Warehousing  using 
DTS,  SQL,  Sagent.  Image  editing- 
Adobe  Photoshop,  HTML-Microsoft 
.NET  framework.  BS  in  Engineering 
or  Science  or  Related  Field  +  2  yrs. 
exp.  in  Software  Consulting.  In  lieu 
of  degree,  employer  will  accept  5 
yrs.  of  software  exp. 

Job  #  CPI.  Programmer  to  plan, 
design,  develop,  configure,  code, 
maintain,  implement  &  analyze 
computer  programs/systems.  De¬ 
velop  custom  designed  software 
solutions  for  clients.  Visit  client  sites 
as  needed  in  discovery,  testing  & 
implementation  phases.  MS  or  equ¬ 
ivalent  in  CS  or  CIS.  Must  be  profi¬ 
cient  in  C/C++,  Java,  Win32  API 
programming,  Crystal  Report  & 
Data  Encryption/Decryption. 

All  positions  offer  comp,  salary. 
Refer  to  job  number  &  apply  to  HR, 
ECS,  Inc.  8744  Main  Street,  #101, 
Woodstock,  GA  30188  with  proof  of 
work  authorization.  | 


WEB  DEVELOPER  -  Dvlp  custom¬ 
ized  prgms  in  Perl,  C,  C++,  Java  & 
SQL  in  Unix  envrmt.  Enhance  user 
appeal  &  utility  of  customized  prgms 
as  well  as  overall  functionality  of 
website.  Create  Web  front-end  user 
interfaces  using  JavaScript  &  HTML 
to  new  or  existing  d/bases  to  make 
business  applies  web  accessible. 
Perform  ongoing  day-to-day  opera¬ 
tion  of  the  server  s/ware  incl.  main¬ 
taining  system  security,  monitoring 
usage  stats  &  logs,  modifying  con¬ 
figuration  settings  &  backing  up  the 
system.  Perform  troubleshooting 
duties  when  needed  &  write  shell 
scripts  as  necessary.  Implmt,  test  & 
maintain  customized  s/ware.  Reqd 
Bach  in  Comp  Sci  (employer  will 
accept  foreign  deg  equiv)  +  2  yrs  in 
job  offd  or  2  yrs  as  s/ware  develop¬ 
er  or  programmer.  2  yrs  exp  in  relat¬ 
ed  occupation  must  incl  Perl,  C, 
C++,  Java,  SQL,  HTML  &  Java¬ 
Script.  Send  resume  to  J.  Feinberg, 
HR,  Info  Technologies,  Inc,  Mon¬ 
mouth  Park  Corp  Ctr  1,  187  Rte  36, 
Bldg  A,  Ste  20,  W.  Long  Branch,  NJ 
07764. 


Analyst 

Programmers 

Working  with  Oracle 

1 0.1/1 1  i  throughout 

the  USA.  Contact 

Raretec  128  West 

Broadway,  Oviedo, 

FL  32765  or  Fax  to 

(407)  971-8808. 


Computer  programer.  Up-grading 
and  maintenance  of  the  computer 
systems,  including  purchasing  of 
hardware  and  software,  program¬ 
ming,  design  and  implementation 
Data  Base  programs  using  Visual- 
Basic  to  control  menu  Designs, 
cost  inventory,  payroll,  accounts 
receivable  and  payable,  and  em¬ 
ployee  schedules  including  the 
ones  to  be  used  by  the  network. 
Web  design  and  development. 
Supervise  the  implementation  of 
the  network  of  all  four  restaurants 
locations  with  main  office,  required 
technical  or  associate  Degree  in 
computer  programming  or  comput¬ 
er  information  systems.  1  year  on 
the  job  experience  or  computer  pro¬ 
gramming  experience,  which  in¬ 
cluded  data  base  design  using  vis¬ 
ual  basic.  Foreign  degree  accept¬ 
able.  competitive  salary.  40  hr/wk. 
send  resume  &  cover  letter  docu¬ 
menting  minimum  qualifications  to: 
Wayne  Grimball,  la  fiesta  South 
Inc.,  suiteA  6521  Highway  69 
south,  tuscaloosa,  AL  35405,  EEO. 


Systems  Analyst  -  Uses  sys¬ 
tems  to  analyze  Latin  banking 
systems  &  business  require¬ 
ments.  Design,  dev.  &  pro¬ 
gram  software  for  integrated 
banking  systems  in  Latin 
America  Banks  &  financial 
institutions.  Works  w /  IBM, 
AS/400,  RPG,  ILE  static  pro¬ 
gramming  w /  services.  De¬ 
signs  teller  attention  systems 
incl.  (Sarabank,  IBS  branch) 
40  hrs  per  wk  9AM-6PM.  3  yrs 
exp.  in  job  offered.  Fax 
resume  to  Datapro,  Inc.  Attn: 
William  Montiel  Case  #  03- 
1308  (305)  377-3282. _ 


Developer  to  develop  a  robust 
BPMS  (Business  Process  Manage¬ 
ment  Software)  on  J2EE  platform 
using  JDBC  compliant  database. 
Write  programs  using  Microsoft 
SQL  Server  2000/7.0,  MySQL, 
PostgreSQL  on  Windows  and  Linux 
platforms.  Utilize  HTML,  ASP,  Java¬ 
Script,  templates,  velocity  and  Jet- 
speed.  Familiarity  with  Internet  In¬ 
formation  Servers.  Use  Photoshop 
&  Illustrator  for  front-end  graphics. 
Use  UML  for  application  modeling 
and  LDAP  for  Active  Directory 
Services.  Salary  as  per  prevailing 
wages.  BS  in  Computer  Science. 
Plus  training  in  Appstream  soft¬ 
ware.  Apply:  Open  Systems,  4005 
Windward  PI.,  #  550,  Alpharetta, 
GA  30005  with  proof  of  permanent 
work  authorization. 


Portal  Content  Analyst  -  Re¬ 
sponsible  for  analyzing,  evaluat¬ 
ing  and  developing  content  for 
Spanish  portal  (website)  of 
BellSouth.net.  Master’s  degree  in 
Computer  Science,  Computer 
Information  Systems  or  related 
field  required  and  one  year  expe¬ 
rience  in  systems  and  web  con¬ 
tent  analysis  OR  Bachelor's 
degree  in  stated  fields  and  three 
years'  of  stated  experience. 
Must  be  fluent  In  Spanish. 
Please  forward  resume  to  Attn: 
Lisa  Burlingame,  BellSouth, 
2247  Northlake  Parkway,  Suite 
800,  Tucker,  Georgia  30084. 
Please  do  not  email  or  fax 
resumes.  EOE. 


Sr.  SW  (Test)  Engr.-  As  member  of 
SW  testing  team,  test  &  develop 
test  automation  SW.  Participate  in 
design  &  code  reviews.  Write  test 
plans  according  to  system  reqs. 
Mntn.  exist'g  test  plans  &  automat¬ 
ed  test  scripts.  Test  telecom  prod¬ 
ucts.  Support  pot’l  customers  dur¬ 
ing  lab  trials.  Must  have  B.S.  in 
Comp.  Eng'g/Sci.,  E.E.  or  equiv.  + 
3yrs.  exp.  in  the  job  offered  or  3  yrs. 
exp.  w /  SW  testing  for  the  telecom 
industry,  including  detailed  knowl¬ 
edge  of  telecom  protocols,  general 
telecom  procedures  &  TCL  script¬ 
ing.  40  hrs/wk;  Salary:  $92,833/yr. 
Send  2  copies  of  resume  to:  Case 
#200201705,  Labor  Exchange  Of¬ 
fice,  19  Staniford  St  1st  Fl,  Boston 
MA  02114. 


THE  WORLD’S  BEST 
IT  TOOL  IS  IN 
YOUR  H  ANDS. 

THE  WORLD’S  BEST 
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OUR  SITE. 
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COMPUTER  PROG¬ 
RAMMER  wanted  by 
software/hardware 
consultants  in  Hous¬ 
ton,  TX.  Must  have 
degree  in  Comp.  Sc.  & 
exp.  Respond  by  res¬ 
ume  only  to:  Mr.  Fred 
Vakili,  President  N/T 
#10.  PC.  Vision,  Inc. 
6220  Westpark,  Ste 
101,  Houston,  TX 
77057. 


Golden  Way  Security  is  hiring  IT 
professionals  to  handle  software 
and  computer  issues  in  mortgage 
areas  including  web-based  appli¬ 
cation  design.  BS  with  some 
experience  are  the  minimum 
requirement.  Please  send  res¬ 
umes  to  28125  W.  Seven  Mile 
Rd.,  Livonia,  Ml  42152. 

Programmer  Analyst  &  Statistician 
wanted  by  Biopharmaceutical 
Research  Consultant,  Inc.  (BRCI). 
Duties  include  SAS/statistical  pro¬ 
gramming,  database  creation. 
Minimum  requirement  is  BS  with 
exp  in  related  field.  Send  resumes 
to  6869  Marshall  Road,  Dexter,  Ml 
48130.  EOE. 


Cityon  Systems,  Inc.,  a 
s/ware  consulting  co. 
seeks  to  fill  the  position 
of  Computer/Quality  As¬ 
surance  in  Chicago,  IL 
and  unanticipated  Iocs  in 
US.  Must  have  BS  &  4 
yrs  s/ware  exp.  Respond 
by  resume  to  Attn:  HR 
Dept.;  Cityon  Systems, 
Inc.,  2000  North  Central 
Expressway,  Plano,  TX 
75074. 


Looking  For 

a" 

New  Car  ter? 


The  new 
itcareers.com 
and 

CareersJoumal.com 
combined 
jobs  database 
can  help  you 
find  one. 
Check  us  out! 
www.itcareers.com 


Junior  Programmer.  Assist  in 
design,  developing,  testing 
&  implementing  of  software 
using  J2EE,  Jetspeed,  UML, 
JSP,  Turbine,  velocity,  post- 
gres,  SQL,  Java  Beans, 
XML,  XSL,  Eclipse,  JDBC, 
JTogether  5.5  &  C++.  Req: 
BS  in  Comp.  Sci./Eng.  or 
Elec.  Eng.  40  hr-wk.  Job/ 
Interview  Site:  Redondo 
Beach,  CA.  Send  resume  to 
Philosopher’s  Stone  Solu¬ 
tions,  LLC.,  1874  S.  Pacific 
Coast  Hwy.,  #  722,  Redondo 
Beach,  CA  90277. 


Software  Engineer.  Works 
under  the  supervision  of  sr. 
mgmt  to  research/develop  math, 
algorithms  for  image  processing 
complex  graphics  SW  &  imple¬ 
ment  using  C++/OOP  on 
Windows/Macintosh; 
design/implement  based  on 
TCP/IP:  determine  time/cost 
feasibility;  develop  req’ts;  devel¬ 
op/implement  SW  testing,  pro¬ 
gramming,  documentation/ 
installation.  Req.  Bach,  in 
Engineering,  Comp.  Sci., 
rel./equiv.  &  1  yr.  exp.  Resume 
to  J.  Miranda,  Deneba  Software, 
Inc.,  1150  NW  72nd  Ave., 
Penthouse,  Miami,  FL,  33126. 
No  calls. 


Programmer 

Develop  customized  IT  solutions 
based  on  a  client's  needs  and 
business  environment.  Must 
have  a  Bachelors  Degree  in  CS 
or  Engineering  and  2  yrs.  of  exp. 
or  2  yrs.  of  exp.  in  a  related  posi¬ 
tion  w/ability  to  use:  Visual 
Basic,  JavaScript,  SQL  Server. 

Must  be  willing  to  re-locate. 
40hrs./wk,  9AM-6PM. 

Applicants  send  cover  letter  and 
resume  to:  Cyber  Korp,  Inc.,  400 
West  Lake  Street,  Suite  216, 
Roselle,  IL  60172,  ATTN:  HR 
Mgr. 


Programmer  Analysts  to  analyze, 
develop,  maintain  software  appls 
using  Oracle  Applications,  Oracle, 
PL/SQL,  Dev  2000,  etc  under 
Windows/UNIX  OS;  conduct  func¬ 
tional  testing  and  debugging;  per¬ 
form  data  conversions,  customize 
Forms/Reports  using  Oracle  Ap¬ 
plications  standards;  document, 
maintain  &  update  development 
process.  Require:  BS  or  foreign 
equiv.  in  CS/Engg.  (any  branch)  or 
related  field  &  2yrs  of  exp.  in  IT. 
Travel  involved.  F/T  position. 
Competitive  salary.  Resume  to: 
HR,  Quest  America, Inc.,  211 
East  Ontario  Street,  Suite  1800, 
Chicago,  IL  60611. 


Software  Engineers  to  analyze, 
design,  develop/customize  busi¬ 
ness  appls  using  Oracle  Fin.  and 
Manuf.  Appls,  Oracle,  SQL,  PL 1 
SQL,  Dev  2000,  Designer  2000 
etc.  under  Windows,  UNIX  and 
Sun  Solaris  envir;  interact  with  end 
users,  gather  and  document  reqs; 
prioritize  functional  specs  formulat¬ 
ed  from  user  reqs;  evaluate  prod¬ 
uct  functionality  and  design  to 
assure  quality.  Require:  Masters  or 
foreign  equiv.  in  CS/Engg. (any 
branch)/Science/Bus.  Mgmt.  Tra¬ 
vel  involved.  F/T  position.  Com¬ 
petitive  salary.  Resume  to:  HR, 
Quest  America,  Inc.,  211  East 
Ontario  Street.  Suite  1800, 
Chicago.  IL  60611 .  _ 


SYSTEMS  ANALYST 

Analyzes  user  requirements, 
procedures  and  problems  to 
automate  processing  or  to  exist¬ 
ing  computer  systems.  Bach¬ 
elor's  degree  in  computer  sci¬ 
ence,  engineering  or  math- 
related  and  2  yrs.  exp.  UNIX 
and  AS/400  operating  systems, 
MF  COBOL,  RPG  3,  COBOL/ 
400,  CL/400  languages.  Must 
be  able  to  travel. 

Apply  by  resume  only  to  Murali 
K  Suddala,  Capricorn  Systems 
Inc.  3569  Habersham-at  - 
Northlake,  Building  K,  Tucker, 
GA  30084. 


Analytical  Design  Service  Corp 
(ADSC)  is  looking  for  system/pro¬ 
grammer  analysts.  Duties  include 
web  application,  web  graphic 
design,  database  in  account- 
ing/HR  fields.  Must  have  IT  exp. 
using  HTML,  Flash  &  fireworks. 
Please  send  resumes  to 
resumes@adsc-usa.com.  EOE. 

Software  engineer  and  system 
analyst  wanted  by  Hawaii  Village 
Computers  to  develop  special 
software  Lawn  Assistance  III. 
Experience  in  FoxPro,  SQL, 
Mapping  software  is  required, 
familiar  with  Lawn  Care  industry. 
Minimum  BS  degree.  Apply  at 

realqreen@realQreen.com- 


Seeking  qualified  applicants  for  the 
following  positions  in  Memphis/ 
Collierville,  TN:  Senior  Program¬ 
mer  Analyst.  Formulate/define  fun¬ 
ctional  requirements  and  documen¬ 
tation  based  on  accepted  user  cri¬ 
teria.  Requirements:  Bachelor's 
degree  or  equivalent  in  computer 
science,  MIS,  engineering  or  relat¬ 
ed  field  plus  5  years  of  experience 
in  systems/applications  develop¬ 
ment.  Experience  with  Java,  Unix 
and  SQL  programming  also  re¬ 
quired.  ‘Master's  degree  in  appro¬ 
priate  field  will  ofFset  2  years  of 
general  experience.  Submit  res¬ 
umes  to  Sibi  George,  FedEx 
Corporate  Services,  1900  Summit 
Tower  Blvd.,  Suite  1400,  Orlando, 
FL  32810.  EOE  M/F/D/V. 


Navision  Developer:  Develop/pro¬ 
gram  customizations  in  Microsoft 
Navision  Financial  package:  design 
&  document  user  specified  solu¬ 
tions;  create  system  &  end  user  uti¬ 
lization  reports;  manage  data  con¬ 
version  (flat  files,  importation  pro¬ 
grams,  etc.);  provide  Navision 
AVISTA  customer  support;  teach 
development  classes;  program 
installation  &  setup  of  client/server 
software  on  Navision  server  &  SQL 
server.  Req.  4  yrs  work  exp  in  job 
offered  or  4  yrs  exp  in  related  occu¬ 
pation  as  Developer  or  any  suitable 
combo  of  edu.,  training,  and/or 
work  exp.  Send  resume  to 
Compusystems  of  Georgia,  Inc., 
3805  Crestwood  Parkway,  Suite 
250,  Duluth,  GA  30096  Ref  BN. 


Software  Engineer  (NY  NY): 
Design,  develop  &  administer 
sales/purchase/inventory  sys¬ 
tem  designed  for  diamond  & 
jewelry  industry.  Design,  code  & 
test  complex  system  compo¬ 
nents,  incl  memo  system  fea¬ 
ture  &  inventory  system  for  pre¬ 
cious  gems.  Develop  multi-tier 
applications  using  Java  and 
C++.  Develop  web-based  appli¬ 
cations  and  implement  client- 
server  technology  using  Visual 
Basic.  Bachelor's  or  foreign 
equiv  in  Elec  Engin,  Comm 
Engin  or  Comp  Info  Systems 
plus  3  yrs  exp  in  job  offered. 
Fax  resume  to:  212-888-0055. 


Senior  System  Engineer:  Per¬ 
form  AS-400  administration,  in¬ 
cluding  installation,  configura¬ 
tion,  upgrading,  monitoring, 
backups,  and  administrative 
tasks  like  user  creation  and  sec¬ 
urity  clearance.  Install  Tivoli 
monitoring  system  in  all  servers 
in  the  company's  North  and  Latin 
America  offices  in  different  plat¬ 
forms  and  configure  and  main¬ 
tain  them.  Responsible  for  the 
backups  of  all  the  servers  in  the 
US  data  center  (using  Tivoli 
Storage  Manager).  Responsible 
for  maintaining  the  Data  Center 
in  company's  Puerto  Rico  office. 
Requirements  include  a  Bachel¬ 
or's  degree  or  equivalent  combi¬ 
nation  of  education  and  work 
experience  in  Information  Sci¬ 
ence,  Computer  Science  or  relat¬ 
ed  field  and  two  years  of  pre-or 
post-degree  work  experience  in 
the  job  offered  or  related  field  of 
system  engineering  and  support. 
Applicants  must  have  unrestrict¬ 
ed  authorization  to  work  in  the 
United  States.  Salary  $74,200/ 
year.  40  hours/wk.  Respond  with 
two  copies  of  resume  to  Case 
#200202625,  Labor  Exchange 
Office,  19  Staniford  St.,  1st  FL, 
Boston,  MA02114. 


Computer/Info.  Systems 
Information  Systems  Professionals 

To  participate  in  analysis,  problem 
solving,  project  design  and  techni¬ 
cal  implementation  for  major  pro¬ 
jects,  mentor  junior  level  consul¬ 
tants.  Participate  in  the  timely  and 
high  quality  delivery  of  product; 
implementation,  integration,  de¬ 
sign,  coding,  testing  and  documen¬ 
tation  of  custom  application  soft¬ 
ware;  evaluate  user  requirements 
and  consult  with  design  team  to 
identify  current  procedures  and 
needs;  support  and  train  end-us¬ 
ers.  Technologies/Platforms  used 
include  UNIX,  Windows  NT,  SQL 
Server,  or  Oracle  using  SQL, 
C/C++,  Visual  Basic,  Java,  Cobol 
and  other  appropriate  program¬ 
ming  languages  in  Client/Server, 
Network  and  Mainframe  environ¬ 
ments.  Must  have  a  Bachelors 
degree,  or  its  equivalent,  and  3  yrs. 
professional  experience.  Send 
resume  to:  Human  Resources, 
Knightsbridge  Solutions,  500  W. 
Madison  Ave.,  Suite  3100, 
Chicago,  IL  60661.  EOE 


MagnaQuest,  Inc.  delivers  end- 
to-end  customer-centric  IT  solu¬ 
tions.  We  are  looking  for  the  fol¬ 
lowing  position. 

Programmer  Analysts:  Design, 
develop  and  test  Internet  based 
programs  for  EBPP  packages, 
Electronic  Billing  Presentation 
and  Payment.  Design  client-serv¬ 
er  applications  using  JAVA,  EJB, 
NetDynamics  and  Oracle.  Inter¬ 
act  with  clients  to  design  the  func¬ 
tions  of  software  according  to 
client  specifications  using  Unix, 
C++.  Corba,  XML,  UML,  WEB- 
LOGIC  7,  testing  tools.  Requires 
Bachelor’s  degree  in  Computer 
Science  or  Engineering  and  2+ 
years  of  experience. 

Send  resume  to:  Human  Resour¬ 
ces,  MagnaQuest,  Inc.,  16219  S. 
31st  Way,  Phoenix,  AZ  85048. 
E-mail:  mqusa@magnaquest.net. 


Consultant  sought  by  NYC 
Computer  consulting  firm  to 
analyze  user  needs,  to  dsgn, 
dvlp  &  implmt  medium  to 
large  scale  applies  using 
technologies  such  as  Java, 
HTML/DHTML,  Oracle,  Win 
2000/NT95,  Unix,  Unix  Shell 
Scripts,  Oracle,  Beantest, 
Rational  Purify,  Optimize  IT, 
SQL  Navigator,  Microsoft 
Visual  Studio.  Must  have  rel¬ 
evant  work  exp.  Send 
resume  to  Gemini  Systems, 
HR  #CRK,  61  Broadway,  Ste 
925,  NY,  NY  10006. 


Manhattan  Associates,  Inc.,  a 
worldwide  leader  in  supply  chain 
execution  systems  is  looking  for  IT 
professionals  to  join  our  team  at 
our  Atlanta,  GA,  Burlington,  MA, 
and  Mishawaka,  IN  locations  (Job 
locations  may  vary)  Business  An¬ 
alysts.  Logistics  domain  to  analyze 
document  &  generalize  customer 
req.  to  create  feature  sets  &  en¬ 
hancements  to  internet  based  opti¬ 
mization  suite  using  UML  &  Trans¬ 
portation  Execution  &  Procurement 
tech,  J@EE,  XML,  XSLT,  CSS 
iPlanet  &  CPLEX  math  &  solver 
libraries.  Req  BS  bus.  or  equiv. 
including  Stats  &  Quantitative  Meth. 
&  2  yr.  as  Bus  Analyst  or  Consult, 
exp.  to  include  bus.  modeling,  ERP. 
Unix  Administrators  Unix/Sun 
Solaris  support  &  admin  optimiza¬ 
tion-based  transport  decision  sup¬ 
port  sys  on  Solaris  8,  AIX4.3,  AIX 
5L,  HP  UX  &  Win2000  sys  using 
Weblogic,  WebMethod,  MQ  Series, 
RateWare,  &  PCMILER,  w/Big- 
Brother  &  SiteScope  monitoring. 
Req  BS  Engg  or  Comp  Sci  &  2  yr 
as  Unix  Admin  or  Sys  Engg,  exp  to 
include  admin.  Solaris  8,  HP-UX, 
Big  Brother,  Weblogic  &  Shell 
scripting.  Resumes  to:  K.  Littleton, 
Manhattan  Associates,  2300  Windy 
Ridge  Pkwy.  7th  FI.  N.,  Atlanta  GA 
30339. 


Software  Application  Engineer: 
Perform  system  analysis,  des¬ 
ign,  programming,  testing,  imp¬ 
lementation  and  documentation 
of  technical  customer  engage¬ 
ments.  Review  site  preparation 
checklists,  executing  statements 
of  work/activity  plan  tasks,  defin¬ 
ing  and  assessing  the  need  for 
change  requests  and  coordinat¬ 
ing  change  requests  with  project 
managers  along  with  data  con¬ 
versions,  form  medications  and 
forms  development.  Requires: 
Bachelors  in  Computer  Science 
or  the  U.S.  equivalence  and  two 
years  experience  in  Customizing 
CRM  Applications.  Must  have 
knowledge  of  Applix  Enterprise, 
Applix  Administration  and  Crys¬ 
tal  Reports.  40hrs/wk  (8:00  A.M. 
to  5:00  P.M.);  $70,000.00/yr. 
Send  two  resumes/responses 
to:  Case  Number  200202367, 
Labor  Exchange  Office,  19 
Staniford  Street,  1st  Floor, 
Boston,  MA  02114. 


Actual  Systems  of  America  seeks 
applicants  for  the  position  of 
Computer  Programmer  in  Aurora, 
CO  to,  using  FoxPro  and  C  lan¬ 
guage  under  Unix  and  SQL 
Server  databases,  work  on  devel¬ 
opment  projects  and  software 
enhancements  for  a  software 
used  by  the  auto  recycling  indus¬ 
try.  Requirements  for  this  position 
include  a  bachelor's  degree  in 
computer  science  or  electronic 
engineering  and  2  yrs.  exp.  as  a 
programmer  using  FoxPro  2.6. 
Requirements  also  include  work¬ 
ing  knowledge  of  Unix,  Windows 
CE,  SQL  Server,  Embedded 
Visual  Basic  and  C  language 
under  a  Unix  operating  system. 
Respond  by  resume  only  to  HR, 
Actual  Systems  of  America, 
14231  E.  4th  Ave.,  #101,  Aurora, 
CO  80011.  No  phone  calls. 


Seeking  qualified  applicants  for  the 
following  positions  in  Memphis,  TN: 
Senior  Ml§  Analyst-  Provide -project 
leadership  in  the  analysis,  design, 
development  and  management  of 
databases  and  reporting  tools  to 
support  customer  service  computer 
systems/applications.  Require¬ 
ments:  Bachelor's  degree*  or  equiv¬ 
alent  in  computer  science,  math, 
business  or  related  field  plus  5 
years  of  experience  in  business  an¬ 
alysis,  computer  modeling,  simula¬ 
tion  and/or  MIS  system  develop¬ 
ment.  Experience  with  SAS;  Ac¬ 
cess;  and  either  Sybase  or  Power¬ 
Builder  also  required.  ’Master’s 
degree  in  appropriate  field  will  offset 
2  years  of  general  experience. 
Submit  resumes  to  Mike  Feehan, 
Federal  Express  Corporation,  3796 
Lamar  Avenue.  3rd  Floor.  Memphis. 
TN  38118.  EOE  M/F/D/V. 


Igenesis  delivers  innovative  IT 
solutions  to  business  clients  nation¬ 
wide.  We  have  immediate  full  time 
opportunities  for  Software  Engin¬ 
eers  &  Programmers. 

We  are  seeking  candidates  with 
experience  in  design,  development, 
implementation  and  maintenance 
of  financial  systems  applications. 
Manage  &  architect  a  solution  that 
integrates  the  clients  information 
systems  using  PowerBuilder,  PFC, 
PFC  Tool,  Web  Datawindow.  Pow- 
erDynamo,  Jaguar.  Comer  Stone, 
PowerDesigner,  Java,  UML  Design, 
Coldfusion,  Javascripts,  Html, 
Clearcase,  Crystal  reports.  RCS 
Communication,  Control-M,  Perl, 
Shell  Scripting,  SQL-Server  and 
Oracle  on  a  Unix/Windows  operat¬ 
ing  system. 

Require  experience  in  preparing 
functional  requirements,  design 
specifications  &  generating  reports. 

Seeking  dependable  and  Total 
Quality  customer  service  oriented 
candidates  for  the  positions.  Re¬ 
quire  Bachelor's  degree  in  Com¬ 
puter  Science,  Engineering  or  relat¬ 
ed  field  is  required  +  3  yrs  of  expe¬ 
rience  in  the  job  offered  or  3  yrs  as 
a  Software  Developer.  Job  involves 
frequent  traveling  as  required  by 
the  project.  We  offer  excellent 
salary  &  benefits  package  for  40 
hrs/wk,  8:00  to  5:00  p.m.  Send 
resume  to:  Igenesis,  942  Parkton 
Drive,  Waukesha,  Wl  53189  or 
job41903@igenesisonline.com. 


Voicecom  Telecommunications. 
LLC  seeks  a  Sr.  Director  of  .Network 
Operations  to  direct  and  manage  an 
integrated  Network  Control  Center 
and  Field  Operations  Team,  which 
supports  Voicecom's  nationwide  IP, 
Voice  and  Data  Telecommunica¬ 
tions.  Responsibilities  include  ad¬ 
vanced  level  network  engineering 
and  maintenance  support,  direct 
and  manage  a  team  of  managers, 
engineers,  technicians  and  field 
operations.  Manage  extensive 
voice,  data  and  IP  networks  to 
include  IVR,  PBX,  VoIP,  Voice 
Messaging  systems.  Clear  Channel, 
Channelized,  Fractional,  DSI.  DS3, 
SONET,  DWDM.  ATM.  SMDS, 
Frame  Relay,  SMTP.  HTTP,  TEL¬ 
NET,  TRACEROUTE,  PING,  BGP, 
ISIS,  Static,  Multicast,  "MPLS  VPN", 
IS-IS  metrics,  DMS  Switching,  Voice 
Trunks,  DID  &  800  Services. 
Candidates  should  have  a  BA  or  BS 
in  Computer  Science  or  related 
field,  five  or  more  years  of  business 
management  responsibility,  exten¬ 
sive  lease  management  negotiation, 
relevant  technology  experience  and 
good  references.  Please  submit 
your  resume  with  salary  history  and 
requirements  to:  HR  Director,  5900 
Windward  Parkway,  Suite  500, 
Atlanta,  Georgia  30005. 


IT  Project  Managers  needed. 
Seeking  qual.  candidates  pos¬ 
sessing  Bachelor’s  or  equiv. 
and/or  rel.  work  exp.  Part  of  the 
req.  rel.  exp.  must  include  3  yrs. 
managing  IT  projects  simultane¬ 
ously  with  software  develop¬ 
ment.  Exp.  in  scope  definition, 
monitoring  project  process  & 
developing  status  reports  pre¬ 
ferred.  Knowledge  of  standard 
project  management  tools  & 
techniques  a  plus.  Must  be  will¬ 
ing  to  travel  &  relocate  as  req'd. 
Fwd.  resume  &  ref.  to  Cal2Cal 
Corp.,  Attn:  HR.  4521  Campus 
Dr.,  PMB  335,  Irvine,  CA 92612 


PROGRAMMER  ANALYST.  JR  - 
Analyze,  design,  program,  imple¬ 
ment.  test  &  support  advanced 
software  applications  utilizing  C#. 
VB.  VB  Script.  ASP,  SQL  Server. 
Oracle,  Java,  Java  Script  under 
UNIX  &/or  Windows  operating 
environment  for  client/server  &/or 
internet-related  applications.  Re¬ 
sponsible  for  system  installation 
&  integration  of  middleware 
COM+  components  w/web  appli¬ 
cation  running  under  IIS.  Req 
Bachelors  in  Comp.  Sci ,  MIS,  or 
Engg  (any  field)  plus  1  yr  exp 
Contact:  International  Systems 
Technologies.  Inc.,  1812  Front 
Street,  Scotch  Plains.  NJ  07076 
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Concept  Development  and  Secure 
Networking  Engineer 

Pitney  Bowes  Inc.  has  an  opening 
in  its  Shelton,  Connecticut  office  for 
a  Concept  Development  and  Sec¬ 
ure  Networking  Engineer. 

Responsible  for  concept  develop¬ 
ment  through  customer  centered 
innovation  and  research  into  the 
application  of  secure  wireless  net¬ 
working  technology  to  an  office  en¬ 
vironment  with  a  focus  on  both 
wired  and  wireless  networking  pro¬ 
tocols. 

Must  possess  at  least  a  bachelor's 
or  its  equivalent  in  Computer  En¬ 
gineering  or  a  related  field,  class¬ 
room  training  or  experience  with  a 
focus  on  both  wired  and  wireless 
networking  protocols,  including 
TCP/IP,  SONET,  ATM,  and  wireless 
protocols,  including  IEEE  802.11 
and  Bluetooth,  C++  development 
and  data  structure  design,  training 
in  technical  writing  and  public 
speaking  presenting  technical  ma¬ 
terial,  training  in  accounting  and 
economics  to  support  business 
modeling  and  concept  evaluation, 
and  design  and  analysis  of  wireless 
network  security,  including  partici¬ 
pant  authentication,  end  to  end 
channel  security,  and  location  man¬ 
agement  in  both  ad-hoc  and  man¬ 
aged  environments. 

Resume  and/or  cover  letter  must 
reflect  each  requirement  above  and 
specify  reference  code  CDSNE  or  it 
will  be  rejected. 

Forward  resume  to  Robbin  Drew 
Elliott,  Pitney  Bowes  Inc.,  One 
Elmcroft  Road,  Stamford,  CT 
06926-0700. 

Software  Engineer:  Customized 
software  &  Internet-based  applica¬ 
tion  design  in  support  of  financial 
industry  using  specialized  program¬ 
ming  languages  &  design  tools 
(Java,  Sql.  Rational  Rose,  Enter¬ 
prise  Java  Beans);  software  analy¬ 
sis;  develop  customized  &  enter- 
prised  software  using  expertise  in 
financial  industry  software  applica¬ 
tions  (Enterprise  Java  Beans)  & 
application  server-based  global  dis¬ 
tributed  applications  (Weblogic, 
Iplanet);  integrate  client  financial 
systems  with  newly-created  prod¬ 
ucts  to  make  data  accessible  to 
clients  on  UNIX  &  Windows  NT 
operating  systems;  test  &  deploy 
newly  created  enterprise  financial 
solution  products  &  provide  support 
on  third-party  accounting  tools; 
hardware  &  software  maintenance; 
performance  fine-tuning;  modeling 
our  clients'  businesses  to  load  fixed 
income  securities  data  into  the  data 
warehouse  using  database  sys¬ 
tems  (Oracle,  Sybase,  Enterprise 
Java  Beans)  &  application  servers 
(Weblogic,  Iplanet).  Must  have: 
Masters  Degree  in  Engineering, 
Electronics  or  Computer  Science,  3 
yrs  exp  in  job  offered  or  3  yrs  as 
Software  Engineer;  plus  proven 
knowledge  in  Object  Oriented 
Software  System  modeling,  design 
&  development  of  Internet-based 
distributed  enterprise  business  sys¬ 
tem  solutions.  Full  time;  salary: 
$95,000/yr.  Overtime  as  needed. 
Submit  two  (2)  copies  of  resume  to: 
Case  #200202581,  Labor  Ex¬ 
change  Office,  19  Staniford  St,  1st 
FI.,  Boston  MA  02114. 

COMSYS  is  an  established  IT  con¬ 
sulting  firm  that  serves  leading  cor¬ 
porations  including  174  of  the 
Fortune  500.  With  COMSYS,  you 
get:  Extensive  Benefits,  Additional 
Compensation  for  referrals,  and 
Professional  Challenges  with  train¬ 
ing  and  assignments  to  keep  you  at 
the  forefront  of  technology.  With  30 
offices,  we  need  the  services  of 
experienced  consultants  across  the 
US: 

•  Computer  Programmers 

•  Programmer  Analysts 

•  Systems  Analyst 

Software  Engineers 

User  Support  Specialists 

DBA’s 

•  Business  Analysts 

Project  Leaders 

Submit  resume  to: 

COMSYS 

3030  LBJ  Freeway 

Suite  905 

Dallas.  TX  75234 
www.comsys.com 

Fax:  972-960-0914 
EOE/M/F/DV 

Manager  -  CRM  (Customer  Rela¬ 
tionship  Mgmt..  Job  location:  Con- 
shohocken,  PA.  Duties:  Manage 
the  design,  set-up  &  implem.  of 
CRM  systems  using  Siebel  soft¬ 
ware.  Coord,  resources  to  develop, 
build,  unit  test,  system  test  &  rollout 
systems  &  meet  delivery  dates. 
Design  &  build  interfaces  for  con¬ 
version  from  legacy  systems  to 
Siebel  backend.  Define  arch.  &  top¬ 
ology  of  develop.,  test,  training  & 
prod,  environs.  Train  &  coach  con¬ 
sultants  in  div.  Plan  proj.  timelines 
using  MS  Project  to  meet  time, 
budget  &  delivery  schedules.  Re¬ 
quires:  M.S.  in  Comp.  Sci.,  Eng.  or 
a  related  field  &  3  yrs.  exp.  in  the 
job  offered  or  3  yrs.  exp.  as  a  Tech. 
Mgr.,  Sr.  Consultant  or  Analyst.  Will 
accept  B.S.  &  5  yrs.'  prog.  exp.  in 
the  comp.  ind.  Concurrent  exp. 
must  incl.  2  yrs.  exp.  managing  the 
design,  set-up  &  implem.  of  CRM 
systems  using  Siebel  software  &  2 
yrs.  exp.  developing  unit  &  system 
testing  &  performing  rollout  of  sys¬ 
tems.  Send  resume  (no  calls)  to: 
Diane  Tuccito,  Answerthink,  Inc., 
817  W.  Peachtree  St.,  Ste.  800, 
Atlanta,  GA  30308. 

Software  Eng'r:  research,  de¬ 
sign  &  dev.  software  apps,  us¬ 
ing  Clarify-CRM,  First  Choice, 
UNIX,  C/C++,  JAVA,  Oracle 
tools  &  tech.  Analyze  req't  to 
determine  design,  time  &  cost 
constraints.  Perform  other  rel. 
duties.  BS  or  equiv  in  CS,  MIS 
or  eng'g  rel.  5  yrs.  exp.  or  5  yrs. 
analysis/prog  rel.  FT.Req.travel. 
Job  site:  Topeka,  KS  or  may 
change  to  other  unanticipated 
sites  throughout  US  as  req. 
Send  res  to  USMBS,  4780 
Walbern  Court,  Chantilly,  VA 
20151.  Legal  rt  to  work  in  US 
must  be  stated. 

SOFTWARE  ENGINEER  to  design, 
develop,  test  and  maintain  web- 
based  and  batch  oriented  applica¬ 
tion  software  using  Java,  Siebel, 
VB  Script,  Java  Script,  ASP  and 
HTML  under  Windows  and  UNIX 
operating  systems.  Require:  M.S. 
degree  in  Computer  Science,  an 
Engineering  discipline,  or  a  closely 
related  field  with  one  year  of  expe¬ 
rience  in  the  job  offered  or  as  a 
Programmer/Analyst.  Extensive 
travel  on  assignment  to  various  cli¬ 
ent  sites  within  the  U.S.  is  required. 
Competitive  salary  offered.  Send 
resume  to:  Murli  N.  Reddy,  Charter 
Global,  Inc.,  5445  Triangle  Park¬ 
way,  Suite  190,  Norcross,  GA 
30092;  Attn:  Job  SN. 

Web  Master 

Designs,  develops  and  maintains 
large  internet/intranet  systems  for 
financial  institution. 

Must  have  B.S.  in  Computer  Sci¬ 
ence  or  equivalent,  and  two  years 
experience  in  job  offered.  40 
hrs/week,  Mon-Fri,  8:00  am  to 
5:00  pm. 

Send  resume  to:  Western  Re¬ 
serve  Life  Assurance  Company  of 
Ohio,  570  Carillon  Parkway,  St. 
Petersburg,  Florida  33716,  Attn. 
Human  Resources,  Job  Code 
LC1. 

EOE 

PROGRAMMER/ANALYST  to  ana¬ 
lyze,  design,  develop,  test,  imple¬ 
ment  and  maintain  GIS  application 
software  using  FRAMME,  Field 
View.  Microstation,  ODL,  MDL, 
Active  FRAMME.  Oracle,  PL/SQL. 
Visual  Basic,  Perl.  Informix  and 
ASP  under  UNIX  and  Windows  NT 
operating  systems.  Require:  B.S. 
degree  in  Computer  Science/ 
Engineering,  or  a  closely  related 
field  with  2  yrs.  of  exp.  in  the  job 
offered.  Extensive  travel  on  assign¬ 
ment  to  various  client  sites  within 
the  U.S.  is  required.  Competitive 
salary  offered  Send  resume  to: 
Murli  N.  Reddy,  Charter  Global, 
Inc.,  5445  Triangle  Pkwy.,  Ste.  190, 
Norcross,  GA  30092;  Attn:  Job  SB. 

Project  Engineer 

Pitney  Bowes  Inc.  has  an  opening 
in  its  Shelton,  Connecticut  office  for 
a  Project  Engineer. 

Design  test  strategy  documents, 
write  test  cases,  hold  test  case 
reviews,  execute  test  cases,  log 
defects  into  the  Clear  Quest  defect 
tracking  tool,  follow-up  on  the 
defects  until  resolution,  hold  defect 
review  meetings,  enter  test  results 
into  the  TRA  tool  and  hold  test 
results  meetings. 

Must  possess  at  least  a  bachelor’s 
degree  or  its  equivalent  in  Engin¬ 
eering,  Computer  Science  or  a 
related  field  and  relevant  work 
experience  as  a  Test  Engineer  - 
Product  Development,  including 
experience  with  unit,  component, 
integration,  functional,  reliability, 
security,  performance,  stress  and 
load  testing,  testing  of  Internet  and 
Intranet  applications,  testing  in  a 
Windows  environment  using  MTS, 
C++  and  Visual  Basic,  test  automa¬ 
tion,  and  System  Test  organization¬ 
al  tools. 

Resume  and/or  cover  letter  must 
reflect  each  requirement  above  and 
specify  reference  code  PE/VP  or  it 
will  be  rejected. 

Forward  resume  to  Robbin  Drew 
Elliott,  Pitney  Bowes  Inc.,  One 
Elmcroft  Road,  Stamford,  CT 
06926-0700. 


Computer  -  Senior  l/T  Specialist 
(Pittsburgh,  PA  and  various  loca¬ 
tions  throughout  the  U.S.)  Design, 
develop,  debug,  test  and  deploy 
client  applications;  plan,  imple¬ 
ment,  analyze,  performance-tune 
WebSphere  application  server 
installations  and  configuration,  pro¬ 
vide  technical  guidance  and  sup¬ 
port,  utilizing  Java,  Visual  Age  for 
Java  and  WebSphere  Application 
Server.  Requires  a  U.S.  or  Foreign 
Equivalent  Bachelor's  degree  in 
Physics,  Computer  Science,  or 
Management  Information  Systems 
and  two  years  of  experience  in  the 
job  offered  or  two  years  of  experi¬ 
ence  as  a  Software  Engineer, 
Systems  Analyst,  or  Programmer. 
40  hrs/wk,  9am-6pm,  $85,750.00. 
Reply  to  Job  Order  #WEB339016, 
Site  Director,  Pittsburgh/Allegheny 
County  CareerLink,  ATTN:  ES 
supervisor,  425  Sixth  Avenue,  Suite 
2200,  Pittsburgh,  PA  15219. 


Senior  Systems  Analyst  to  develop 
software  applications  using  CO¬ 
BOL  with  SQL  interface  using  SQL 
software.  Develop  new  applications 
in  COBOL/CICS  and  VSAM/ISAM 
in  a  DOS/VSE  environment.  Up¬ 
grade  current  system  from  CMS  to 
MVS.  Convert  VSAM/ISAM  data 
files  to  DB2/UDB  relational  data¬ 
bases.  Bachelor’s  degree  (will  also 
accept  foreign  degree  equivalent) 
in  Computer  Science,  Mathematics 
or  related  field  required.  Two  years 
experience  as  Senior  Systems 
Analyst  or  two  years  experience  as 
Senior  Systems  Developer,  Senior 
Programmer/Analyst  or  Senior 
Consultant  required.  One  year  ex¬ 
perience  using  COBOL,  SQL, 
CICS,  VSAM,  MVS,  VSE,  and  DB2 
required.  All  experience  may  be 
cumulative.  40  hours/wk,  8:00  a.m. 
to  5:00  p.m.,  $70,000/yr.  Send 
resumes  to  P.O.  Box  11170,  Detroit, 
Michigan,  48202.  Reference  No. 
211363.  Employer  Paid  Ad. 


Looking  for 
a  new  career? 


The  new  itcareers.com 
and  CareerJoumal.com 
combined  jobs  database 
can  help  you  find  one. 


Check  us  out  at: 


www.itcareers.com 


Luckily, 


itcareers.com  is  now  powered 
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IT  Security 

ty  spending,”  said  Mark  Doll, 
the  Americas  director  of  New 
York-based  Ernst  &  Young’s 
Security  Services  division,  in  a 
prepared  statement.  “It  looks 
like  we  need  to  find  a  credible 
alternative  to  conventional 
ROI  approaches  in  order  to  se¬ 
cure  funds  for  the  information 
security  function.” 

High  Priority 

Not  surprisingly,  90%  of  the 
organizations  surveyed  said 
that  IT  security  is  of  high  im¬ 
portance  to  them,  with  78% 
identifying  risk  reduction  as 
the  top  factor  influencing  se¬ 
curity  spending. 

Even  so,  information  securi¬ 
ty  managers  are  having  a  hard 
time  explaining  the  impor¬ 
tance  of  IT  security  in  relation 
to  overall  business  needs,  the 
survey  showed.  “There’s  a 
clear  disconnect  between 
what  organizations  define  as  a 
major  business  objective  — 
protecting  their  information 
resources  —  and  where  they 
allocate  funding,”  Doll  said. 

The  survey’s  results,  espe¬ 
cially  those  related  to  ROI, 
aren’t  surprising,  users  said. 

“Showing  ROI  on  security  is 
an  interesting  problem,”  said 
Jonathan  Squire,  security  tech- 


Leadi  g  Barriers 


What  are  the  most  sig¬ 
nificant  obstacles  to  effec¬ 
tive  information  security 
within  your  organization? 

(Multiple  responses  allowed) 

Budget  m 
constraints 

Resource  »» 
priorities 

Availability  of  m  ‘ 
skilled  staff 


Management 

commitment 

Management 

awareness 

Base:  1,413  respondents 


nical  architect  at  Dow  Jones  & 
Co.  in  Princeton,  N.J.  “For  the 
most  part,  if  we  are  doing  our 
job  well,  you  don’t  notice  us. 
Security  is  not  generally  a 
profit  center,  so  from  a  dollar 
perspective,  it  is  very  hard  to 
justify  spending.” 

Security  and  IT  managers 
also  lack  the  experience,  train¬ 
ing  and  vocabulary  to  effec¬ 
tively  articulate  a  business 
case  for  security  funding,  said 
Dennis  Treece,  director  of 
corporate  security  at  the 
Massachusetts  Port  Authority 
(Massport)  in  Boston.  As  one 
of  the  executives  in  charge  of 
securing  Boston’s  Logan  Inter¬ 
national  Airport,  three  sea¬ 
ports  and  a  major  toll  bridge, 
Treece  oversees  both  physical 
and  IT  security  for  Massport. 

“IT  people  come  from  a  cul¬ 
ture  that  sees  security  as  just 
another  point  of  failure  in 
their  networks,  another  way  to 
decrease  network  speed  and 
performance,”  Treece  said.  “IT 
people  who  get  made  IT  secu¬ 
rity  people  are  too  culturally 
attuned  to  the  network’s  prob¬ 
lems  and  don’t  press  the  case 
for  security  strongly  enough.” 

Compounding  the  problem 
is  the  fact  that  security  metrics 
in  many  ways  are  inherently 
hard  to  collect,  Treece  said. 

For  instance,  “how  do  you  col¬ 
lect  the  number  of  events  that 
did  not  happen  because  your 
guards  were  awake?” 

Business  Disconnect 

The  fact  that  just  51%  of  those 
surveyed  said  their  IT  security 
spending  was  either  complete¬ 
ly  or  closely  aligned  with  busi¬ 
ness  needs  illustrates  another 
problem.  And  more  than  34% 
of  organizations  rated  them¬ 
selves  as  less  than  adequate 
in  their  ability  to  determine 
whether  their  systems  are  cur¬ 
rently  under  attack,  while 
more  than  33%  said  their  abili¬ 
ty  to  respond  to  incidents  was 
inadequate. 

Doll  said  many  executives 
focus  on  well-publicized  secu¬ 
rity  issues  such  as  viruses  and 
malicious  hackers,  when  they 


H  Security  is  not 
generally  a 
profit  center,  so  from 
a  dollar  perspective, 
it  is  very  hard  to  jus¬ 
tify  spending. 

JONATHAN  SQUIRE,  SECURITY 
TECHNICAL  ARCHITECT,  DOW  JONES 

should  be  looking  into  less  ob¬ 
vious  threats  such  as  disgrun¬ 
tled  employees,  network  links 
to  partners  with  untrustwor¬ 
thy  systems,  hardware  thefts 
and  nonsecure  wireless  access 
by  employees. 

“These  factors  can  not  only 
cause  serious  information  se¬ 
curity  damage,  but  also  se¬ 


verely  damage  a  company’s 
reputation,”  he  said. 

The  bulk  of  security  spend¬ 
ing  at  most  companies  contin¬ 
ues  to  be  on  technology  prod¬ 
ucts,  with  far  less  attention  be¬ 
ing  paid  to  employee  aware¬ 
ness  and  training  issues,  the 
survey  revealed.  Only  29%  of 
those  surveyed  listed  employee 
awareness  and  training  as  a  top 
area  of  IT  security  spending. 

But  funding  for  any  security 
project  is  especially  hard  to 
secure  in  a  depressed  econo¬ 
my,  said  Carl  Cammarata, 
chief  information  security  of¬ 
ficer  at  automobile  association 
AAA  Michigan  in  Dearborn. 

“There  is  a  continuing  focus 
to  maintain  baseline  costs.  If  a 
choice  has  to  be  made  be¬ 
tween  adding  new  business 


functionality  or  spending 
money  on  something  that’s 
less  tangible,  like  security,  the 
money  always  goes  to  adding 
business  functionality,”  Cam¬ 
marata  said.  The  trick  is  to 
“express  risk  in  tangible 
terms”  by  showing  what  a  lack 
of  security  could  do  to  a  core 
business  system,  he  said. 

The  “2003  Ernst  &  Young 
Global  Information  Security 
Survey”  was  conducted  over  a 
two-month  period  earlier  this 
year,  gleaning  responses  from 
more  than  1,400  organizations 
in  66  countries.  I 


LEARN  MORE  ONLINE 

Head  to  our  Security  Knowledge  Center 
for  more  information  and  resources: 

QuickLink  k1600 
www.computerworld.com 


Continued  from  page  1 

Tru64 

competitive  officer,  said  he  be¬ 
lieves  that  many  of  the  Alpha 
and  Tru64  users  will  “feel 
abandoned”  and  dissatisfied 
with  the  option  of  ultimately 
moving  to  Itanium. 

Sun  is  focusing  on  growing 
revenue,  said  Singer,  and  HP 
“just  kind  of  left  the  door  wide 
open.” 

IBM  is  also  keen  to  attract 
some  of  these  users.  The  com¬ 
pany  doesn’t  have  a  specific 
incentive  program  unique  to 
Alpha  and  Tru64  users,  but  it 
does  have  programs  that 
would  help  them,  such  as 
server  consolidation  studies, 
said  Jeff  Benck,  director  of 
product  marketing  at  IBM’s 
Systems  Group. 

One  goal  of  the  HP  competi¬ 
tors  will  be  to  convince  Alpha 
and  Tru64  users  that  IBM’s 
AIX  version  of  Unix  and  Sun’s 
Solaris  are  an  easier  transition 
than  HP-UX. 

Dan  Marmion,  CIO  at  hard¬ 
ware  maker  New  Era  Cap  Co. 
in  Derby,  N.Y.,  runs  Alpha  and 
Tru64  and  said  he  looked  at 
converting  to  Sun  two  years 
ago.  Although  the  hardware 


was  less  expensive,  the  con¬ 
version  costs  were  high. 

Marmion  said  he  would  be 
willing  to  hear  Sun’s  new 
pitch,  although  so  far  he’s 
comfortable  with  HP’s  migra¬ 
tion  strategy  to  move  Tru64 
users  to  HP-UX,  even  though 
he  may  lose  some  features. 

Some  of  the  consultants  Best 
Western  brought  in  to  evaluate 
its  options  were  from  IBM,  and 
they  said  the  company  would¬ 
n’t  have  any  problems  moving 
its  Oracle  applications  to  any 
platform,  including  IBM. 

Skaare  said  he  liked  the  IBM 
pSeries  servers,  but  “HP  was 
able  to  bring  together  the  best 
overall  deal  for  us.”  That  pack¬ 
age  provided  professional  ser¬ 
vices  and  ongoing  mainte¬ 
nance  and  still  met  the  hotel’s 

H  Do  I  think  this 
is  a  great  time 
to  jump  to  the  other 
platforms?  I  would¬ 
n’t  say  so  yet.  I  don’t 
foresee  Itanium  as 
an  also-ran  platform. 

JIM  BECKER,  LEAD  SYSTEMS 
ENGINEER.  URBAN  INSTITUTE 


budget  goals,  he  said. 

Skaare  said  he  is  seeing  a  lot 
of  interest  from  vendors  in 
customers  like  himself.  “If 
there  isn’t  already  a  battle  out 
there  to  win  those  people, 
there  should  be,”  he  said. 

Jim  Becker,  a  board  member 
of  the  Chicago-based  HP  user 
group  Encompass  and  lead 
systems  engineer  at  Washing¬ 
ton  think  tank  the  Urban  Insti¬ 
tute  and  an  Alpha  and  Open- 
VMS  user,  said  he  sees  no  rea¬ 
son  yet  to  get  off  that  platform. 

“Do  I  think  this  is  a  great 
time  to  jump  to  the  other  plat¬ 
forms?  I  wouldn’t  say  so  yet,” 
he  said.  “I  don’t  foresee  Itani¬ 
um  as  an  also-ran  platform.” 

HP  is  planning  Alpha  up¬ 
grades  through  2005.  It  also 
has  plans  for  two  more  releas¬ 
es  of  Tru64  and  will  support  it 
through  2011. 

In  response  to  Sun’s  pro¬ 
gram,  HP  officials  said  the  bat¬ 
tle  for  customers  cuts  two 
ways.  The  company  has  com¬ 
prehensive  and  coordinated 
companywide  programs  “to 
aggressively  pursue  and  mi¬ 
grate  customers  from  Sun  and 
IBM  systems  to  HP  systems,” 
said  Mark  Hudson,  HP’s  vice 
president  of  marketing  for  en¬ 
terprise  storage  and  servers.  N 
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The  Idea  Game 


HOW  SLOW  is  the  business-news  business  these  days? 

So  slow  that  The  Wall  Street  Journal's  online  edition  is 
working  on  a  story  about  companies  that  have  devel¬ 
oped  grammar  policies  for  e-mail.  That’s  right:  At  a 
time  when  you’d  expect  everyone  to  be  laser-focused 
on  keeping  costs  down  and  maximizing  productivity,  some  execu¬ 
tives  are  fretting  about  whether  the  verbs  are  conjugated  correctly  in 
employees’  e-mail  —  and  the  Journal  wants  to  write  about  them. 

Finished  laughing?  Good.  Now  what  are  you  going  to  do  when 
your  CEO  decides  he  wants  to  implement  an  e-grammar  policy,  too? 


Sure,  it  sounds  a  little  silly.  But  hey,  times  are 
tough.  Every  company  needs  any  edge  it  can 
get.  And  if  a  grammatically  correct  e-mail  mes¬ 
sage  impresses  a  prospect  just  enough  to  tip  the 
competitive  scales  in  your  company’s  favor,  it 
may  be  worth  a  shot. 

And  why  would  your  CEO  come  to  IT  about 
this?  Because  it’s  a  lot  cheaper  and  easier  to 
bolt  a  grammar  checker  onto  your  e-mail  sys¬ 
tem  than  to  send  every  employee  to  remedial 
grammar  classes.  At  least  that’s  what  your  CEO 
is  going  to  think. 

Your  CEO  is  also  going  to  think  that  you  can 
come  up  with  some  cost-effective  ways  to  do  it. 
And  that  you  can  make  it  happen  fast.  And  that 
the  result  will  improve  even  his  messages. 

So,  what  should  you  do?  That  depends  —  but 
don’t  just  treat  this  idea  like  one  of  those  in¬ 
flight  inspirations. 

You  remember  them.  Back  when  you  still  had 
a  full  staff  and  budget,  your  CEO  used  to  return 
from  business  trips  with  loopy  IT  ideas  that 
came  from  airline  in-flight  magazines.  Usually 
they  sounded  very  interesting  —  but  were  com¬ 
pletely  impractical  or  inappropriate  for  what 
your  company  was  doing  with  IT. 

And  usually  you  could  either  talk 
him  out  of  it  or  just  let  the  idea  die 
from  lack  of  action.  In-flight  inspi¬ 
ration  tended  to  have  a  pretty  short 
life  span. 

As  time  went  by,  you  got  less  of 
that.  Maybe  you  didn’t  notice,  but 
somewhere  during  the  Internet 
frenzy,  your  CEO  got  a  little  more 
tech-literate,  so  those  loopy  in-flight 
ideas  stopped  sounding  so  good. 

And  sometime  after  the  economy 
started  sinking,  the  idea  of  burning 
budget  dollars  based  on  something 
torn  from  a  giveaway  airline  maga¬ 


zine  stopped  seeming  so  smart. 

So  why  would  your  CEO  start  bringing  in 
ideas  again?  First:  They  won’t  be  coming  from 
airline  magazines.  They’ll  come  from  business 
newspapers  and  magazines.  These  are  sources 
your  CEO  trusts  for  business  information.  He’ll 
trust  their  IT  suggestions,  too. 

Second:  Your  CEO  may  now  believe  he  can’t 
afford  not  to  be  involved  in  IT.  Sarbanes-Oxley 
and  security  and  lots  of  other  hot-button  busi¬ 
ness  issues  depend  on  IT  today.  But  so  do  little 
tweaks  that  could  give  your  company  that  tiny 
bit  of  competitive  edge.  He  doesn’t  want  to 
miss  those  opportunities. 

And  you  shouldn’t  miss  those  opportunities 
either.  Don’t  dismiss  your  CEO’s  new  sugges¬ 
tions  like  so  many  in-flight  inspirations.  He  be¬ 
lieves  IT  matters.  Leverage  that  belief. 

Get  back  to  him  fast  with  real  analysis  and 
real  options.  Don’t  encourage  bad  ideas,  but 
nudge  not-so-bad  ideas  in  the  right  direction. 
Warn  him  of  what  they  would  cost  in  budget 
and  delays  to  other  projects  —  which,  not  inci¬ 
dentally,  will  give  those  projects  high-level  visi¬ 
bility.  Point  out  the  limits  of  the  technology  — 
and  demonstrate  that  you  value  the  human  ele¬ 
ment  in  business. 

And  even  if  an  idea  sounds  a 
little  silly  to  you,  remember  that 
those  silly  little  ideas  can  pay  off 
big  for  you.  This  is  a  chance  to 
make  your  IT  department  look 
smart,  responsive  and  business- 
savvy  in  front  of  the  guy  who  can 
decide  either  to  invest  in  your  shop 
or  outsource  a  big  chunk  of  it. 

So  stop  laughing.  Take  it  serious¬ 
ly.  It  might  be  a  good  idea.  But  even 
if  the  business  doesn’t  get  any  real 
advantage  from  it,  that’s  no  reason 
you  shouldn’t.  I 


frank  hayes,  Computer - 
world's  senior  news  colum¬ 
nist,  has  covered  IT  for  more 
than  20  years.  Contact  him  at 

frank.hayes@computerwoftd.com. 


Next  Time,  Just  Ask 

After  this  pilot  fish  at  a  big  Internet  portal  writes  an 
abuse-detection  program,  he  discovers  that  the  por¬ 
tal's  financial  data  servers  are  getting  mass  requests 
from  one  user.  “And  the  accesses  are  coming  from  a 
machine  within  my  own  company,”  fish  says.  Turns 
out  another  division  wanted  the  financial  news  for  part 
of  its  own  service.  But  instead  of  arranging  for  a  prop¬ 
er  connection,  the  division's  developers  just  set  up  a 
script  to  continuously  check  fish’s  servers."!  gave 
them  a  more  efficient  feed,  and  our  traffic  dropped  by 
60%.”  fish  says.  “Had  I  known  this  a  few  weeks  ago,  I 
wouldn't  have  had  to  add  new  servers  to  handle  the 
increased  load  we'd  been  seeing!” 

Timing  Is  nn  _  cause  training 

Everything  oHAllIl  was  considered 

TAitlf  too  expensive,” 

lAnlUk  he  says.  And 

when  even 


nng 

Big  textile  com 
pany  installs  a 
requirements- 
planning  system,  but 
system  response  time 
is  so  slow  it  takes  two 
hours  to  enter  every 
order,  reports  an  intern 
pilot  nsn.  a  naroware 
upgrade  improves  re¬ 
sponse  by  only  10  min¬ 
utes,  so  a  much  more 
expensive  upgrade  is 
ordered -but  the  day  it 
arrives,  fish  discovers  a 
bad  setting  is  causing 
die  problem.  “We  don’t 
need  the  upgrade,”  fish 
tails  project  lead.  Keep 
quiet,  boss  tells  him. 
“The  heroic  hardware 
team  got  extra  vacation 
and  a  bonus  for  speeding 
up  the  order  entry  proc¬ 
ess,”  fish  sighs.  “I  was 
moved  to  a  tedious 
data-entry  position.” 

How  to  Invest 

Management  at  this 
mainframe-oriented  IT 
shop  says  it  wants  more 
client/server  focus,  says 
pilot  fish.  But  he’s  as¬ 
signed  to  spend  a  day 
stripping  floppy  disks  out 
of  boxes  of  outdated 
client/server  program¬ 
ming  tools.  “The  soft¬ 
ware  was  never  used  be- 


more  expensive  main¬ 
frame-simulation  soft¬ 
ware  arrives  a  few 
weeks  later,  it’s  shelved 
because  it  would  require 
upgrading  the  program¬ 
mers'  PCs.  Grumbles 
fish,  “At  least  the  depart¬ 
ment  can  say  it’s  invest¬ 
ing  in  client/server.” 

I  Just  Dandy 

Fbrtwo  or  three  years, 
this  company’s  purchas¬ 
ing  agent  has  bought 
printer  supplies  from  the 
same  unsatisfactory  out¬ 
fit,  says  pilot  fish:  “The 
prices  are  high,  a  third  of 
the  refurbished  toner 
cartridges  are  no  good, 
and  she  never  sends 
them  in  for  credit."  Fish 
finds  a  better,  cheaper 
supplier  that  manage¬ 
ment  declares  to  be  the 
preferred  provider  -  so 
why  are  invoices  still 
coming  in  from  the  old 
outfit?  Agent  admits  it’s 
because  she  likes  tho 
candy  the  first  supplier 
sends  with  each  order. 

rOi  TiaSS  II1VCHC6  aKWitJ, 

fish  says,  “that  bag  of 
candy  cost  us  an  addi¬ 
tional  $204.” 


OFEED  THE  SHARK!  Sand  your  true  tale  of  IT  life  to 
sharky@computefworid.com.  You  snag  a  snazzy 
Shark  shirt  if  we  use  it  And  check  out  the  daily  feed,  browse 
the  Sharkives  and  sign  up  for  Shark  Tank  home  delivery  at 
coinpiK6rwosm.ocinv»nBnQf' 
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SUN  FIRE™  V60X  SERVER: 

>  INTEL  XEON  2.8  GHZ  PROCESSOR 

>  RUNS  SOLARIS™  9  OS  FOR  X86  OR  RED  HAT®  ENTERPRISE  LINUX®  ES 


$2,450. 


SUN  FIRE  V210  SERVER: 

>  RACK-OPTIMIZED,  ULTRASPARC®/SOLARIS  OS 

>  INTEGRATED  WITH  AWARD-WINNING  SUN™  ONE  MIDDLEWARE 


$2,995. 


SUN  STOREDGE™  3310  SCSI  ARRAY: 

>  HIGH-DENSITY,  MODULAR  STORAGE 

>  HIGH  AVAILABILITY  CONFIGURATIONS 

$6,995. 

SUN  FIRE  BlOO  BLADE  SERVER: 

>  ULTRASPARC  OR  X86  PROCESSOR 

>  RUNS  SOLARIS  8,  9,  OR  RED  HAT  ENTERPRISE  LINUX  ES* 

$1,795. 


HE  LOW  COST  MOVE  IS  ON 


